Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

Gentoo FoundationMGASA-2022-0352

HistoryOct 01, 2022 - 8:48 p.m.

Updated expat packages fix security vulnerability

Vulners
Mageia
Updated expat packages fix security vulnerability

2022-10-0120:48:24

Gentoo Foundation

advisories.mageia.org

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

77.8%

JSON

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. (CVE-2022-40674)

OSVersionArchitecturePackageVersionFilename
Mageia8noarchexpat< 2.2.10-1.5expat-2.2.10-1.5.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	expat	< 2.2.10-1.5	expat-2.2.10-1.5.mga8

References

bugs.mageia.org/show_bug.cgi?id=30884

www.debian.org/security/2022/dsa-5236

redhat 21

nessus 79

prion 1

oraclelinux 10

veracode 1

cbl_mariner 2

fedora 2

openvas 24

freebsd 1

osv 15

rosalinux 2

cvelist 1

almalinux 6

ibm 10

suse 2

ubuntu 1

rocky 4

debian 2

amazon 2

cgr 1

wolfi 1

slackware 1

centos 1

ubuntucve 1

githubexploit 2

redhatcve 1

photon 1

f5 1

cve 1

nvd 1

debiancve 1

redhat

(RHSA-2022:7019) Important: firefox security update

2022-10-18 17:40:11

(RHSA-2022:6995) Important: thunderbird security update

2022-10-18 12:25:32

(RHSA-2023:3068) Important: mingw-expat security update

2023-05-16 06:02:05

nessus

EulerOS Virtualization 2.9.0 : expat (EulerOS-SA-2023-1220)

2023-01-11 00:00:00

RHEL 9 : thunderbird (RHSA-2022:7026)

2022-10-18 00:00:00

RHEL 8 : thunderbird (RHSA-2022:6996)

2022-10-18 00:00:00

prion

Design/Logic Flaw

2022-09-14 11:15:00

oraclelinux

thunderbird security update

2022-10-20 00:00:00

firefox security update

2022-10-19 00:00:00

expat security update

2022-10-11 00:00:00

veracode

Use-After-Free

2022-09-15 08:37:15

cbl_mariner

CVE-2022-40674 affecting package expat 2.4.6-1

2022-10-04 07:51:28

CVE-2022-40674 affecting package expat for versions less than 2.4.8-2

2022-09-23 18:23:13

fedora

[SECURITY] Fedora 36 Update: expat-2.4.9-1.fc36

2022-10-07 15:56:55

[SECURITY] Fedora 35 Update: expat-2.4.9-1.fc35

2022-10-14 12:58:55

openvas

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2023-1166)

2023-01-12 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:3597-1)

2022-10-18 00:00:00

Debian: Security Advisory (DSA-5236-1)

2022-09-24 00:00:00

freebsd

expat -- Heap use-after-free vulnerability

2022-09-14 00:00:00

osv

Important: expat security update

2022-10-11 00:00:00

CVE-2022-40674

2022-09-14 11:15:54

expat - security update

2022-09-25 00:00:00

rosalinux

Advisory ROSA-SA-2023-2168

2023-06-20 09:22:31

Advisory ROSA-SA-2023-2166

2023-06-20 09:12:17

cvelist

CVE-2022-40674

2022-09-14 00:00:00

almalinux

Important: firefox security update

2022-10-18 00:00:00

Important: expat security update

2022-10-11 00:00:00

Important: mingw-expat security update

2023-05-16 00:00:00

ibm

Security Bulletin: A vulnerability has been identified in IBM HTTP Server used by IBM Rational ClearQuest (CVE-2022-40674)

2022-11-23 02:12:54

Security Bulletin: IBM WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On uses IBM HTTP Server that is vulnerable to arbitrary code execution due to Expat (CVE-2022-40674)

2022-11-22 02:23:41

Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearCase [CVE-2022-40674]

2022-11-24 05:04:25

suse

Security update for expat (important)

2022-10-01 00:00:00

Security update for expat (important)

2022-10-17 00:00:00

ubuntu

Expat vulnerability

2022-09-26 00:00:00

rocky

expat security update

2022-10-06 14:37:41

thunderbird security update

2022-10-18 17:40:48

expat security update

2022-10-11 12:38:26

debian

[SECURITY] [DLA 3119-1] expat security update

2022-09-25 07:30:35

[SECURITY] [DSA 5236-1] expat security update

2022-09-22 20:17:33

amazon

Important: expat

2022-12-01 17:34:00

Important: expat

2022-10-31 19:40:00

cgr

CVE-2022-40674 vulnerabilities

2024-02-06 23:19:33

wolfi

CVE-2022-40674 vulnerabilities

2024-02-07 01:47:52

slackware

[slackware-security] python3

2022-10-14 01:46:13

centos

expat security update

2022-10-26 14:19:51

ubuntucve

CVE-2022-40674

2022-09-14 00:00:00

githubexploit

Exploit for Use After Free in Libexpat Project Libexpat

2022-10-19 11:15:29

Exploit for Use After Free in Libexpat Project Libexpat

2022-10-19 11:15:29

redhatcve

CVE-2022-40674

2022-09-29 05:18:54

photon

Critical Photon OS Security Update - PHSA-2022-0249

2022-09-21 00:00:00

K44454157 : Expat vulnerability CVE-2022-40674

2022-10-31 00:00:00

cve

CVE-2022-40674

2022-09-14 11:15:54

nvd

CVE-2022-40674

2022-09-14 11:15:54

debiancve

CVE-2022-40674

2022-09-14 11:15:54

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

0.006 Low

EPSS

Percentile

77.8%

JSON

Related for MGASA-2022-0352