libexpat.so is vulnerable to denial of service. The vulnerability exists due to the integer overflow in the build_model of xmlparse.c, allowing an attacker to cause an application crash.

CPENameOperatorVersion
libexpat.sole1.8.6
expateq2.1
expat:sideq2.2.10-1
expat:sideq2.4.1-2
expat:edgeeq2.4.2-r0
expat:edgeeq2.2.9-r1
expat:edgeeq2.4.1-r0
expat:edgeeq2.2.10-r1
expat:edgeeq2.3.0-r0
expat:3.13eq2.2.10-r1

Name	Operator	Version
libexpat.so	le	1.8.6
expat	eq	2.1
expat:sid	eq	2.2.10-1
expat:sid	eq	2.4.1-2
expat:edge	eq	2.4.2-r0
expat:edge	eq	2.2.9-r1
expat:edge	eq	2.4.1-r0
expat:edge	eq	2.2.10-r1
expat:edge	eq	2.3.0-r0
expat:3.13	eq	2.2.10-r1

Rows per page:

1-10 of 11961

References

www.openwall.com/lists/oss-security/2022/01/17/3

cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf

github.com/libexpat/libexpat/commit/b4b28ce597034c118540d1e21efe322458a01d69

github.com/libexpat/libexpat/pull/539

security.gentoo.org/glsa/202209-24

www.debian.org/security/2022/dsa-5073

www.tenable.com/security/tns-2022-05

redhatcve 1

alpinelinux 1

prion 1

cbl_mariner 2

cvelist 1

cnvd 1

nvd 1

osv 9

debiancve 1

cve 1

f5 1

nessus 59

ubuntucve 1

ibm 25

redhat 12

amazon 2

almalinux 2

oraclelinux 3

rocky 2

openvas 27

photon 6

suse 1

hp 1

altlinux 1

mageia 1

slackware 1

debian 2

ubuntu 2

centos 1

cloudfoundry 1

ics 3

cloudlinux 1

aix 1

gentoo 1

avleonov 1

redhatcve

CVE-2022-22823

2022-01-24 17:32:29

alpinelinux

CVE-2022-22823

2022-01-10 14:12:56

prion

Integer overflow

2022-01-10 14:12:00

cbl_mariner

CVE-2022-22823 affecting package expat 2.4.1-2

2022-01-26 22:53:38

CVE-2022-22823 affecting package expat for versions less than 2.4.3-1

2022-04-09 06:51:43

cvelist

CVE-2022-22823

2022-01-08 02:57:07

cnvd

Expat build_model function buffer overflow vulnerability

2022-01-14 00:00:00

nvd

CVE-2022-22823

2022-01-10 14:12:56

osv

CVE-2022-22823

2022-01-10 14:12:56

Moderate: xmlrpc-c security update

2022-11-08 06:26:32

Moderate: xmlrpc-c security update

2022-11-08 00:00:00

debiancve

CVE-2022-22823

2022-01-10 14:12:56

cve

CVE-2022-22823

2022-01-10 14:12:56

K23421535 : Expat vulnerabilities CVE-2022-22822, CVE-2022-22823, and CVE-2022-22824

2022-05-01 00:00:00

nessus

F5 Networks BIG-IP : Expat vulnerabilities (K23421535)

2022-05-01 00:00:00

Oracle Linux 8 : xmlrpc-c (ELSA-2022-7692)

2022-11-15 00:00:00

CentOS 8 : xmlrpc-c (CESA-2022:7692)

2022-11-08 00:00:00

ubuntucve

CVE-2022-22823

2022-01-10 00:00:00

ibm

Security Bulletin: Multiple Vulnerabilities in Expat component shipped with IBM Rational ClearCase ( CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827 )

2022-07-25 14:51:53

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server due to Expat vulnerabilities

2022-03-02 18:47:38

Security Bulletin: Multiple vulnerabilities in IBM HTTP Server shipped in IBM WebSphere Application Server Patterns

2022-04-22 21:39:22

redhat

(RHSA-2022:7692) Moderate: xmlrpc-c security update

2022-11-08 06:26:32

(RHSA-2022:0951) Important: expat security update

2022-03-16 15:13:06

(RHSA-2022:1069) Important: expat security update

2022-03-28 08:42:24

amazon

Medium: expat

2022-07-06 03:09:00

Medium: expat

2022-06-30 23:38:00

almalinux

Moderate: xmlrpc-c security update

2022-11-08 00:00:00

Important: expat security update

2022-03-16 00:00:00

oraclelinux

xmlrpc-c security update

2022-11-15 00:00:00

expat security update

2022-03-28 00:00:00

expat security update

2022-03-16 00:00:00

rocky

xmlrpc-c security update

2022-11-08 06:26:32

expat security update

2022-03-16 15:13:06

openvas

Mageia: Security Advisory (MGASA-2022-0031)

2022-01-28 00:00:00

openSUSE: Security Advisory for expat (openSUSE-SU-2022:0178-1)

2022-02-08 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:14878-1)

2022-01-26 00:00:00

photon

Critical Photon OS Security Update - PHSA-2022-0353

2022-01-19 00:00:00

Critical Photon OS Security Update - PHSA-2022-3.0-0353

2022-01-19 00:00:00

Critical Photon OS Security Update - PHSA-2022-0431

2022-01-23 00:00:00

suse

Security update for expat (important)

2022-01-25 00:00:00

Expat Library update for Teradici PCoIP Software and Firmware

2022-04-11 00:00:00

altlinux

Security fix for the ALT Linux 9 package expat version 2.4.3-alt1

2022-01-31 00:00:00

mageia

Updated expat packages fix security vulnerability

2022-01-25 15:13:11

slackware

[slackware-security] expat

2022-01-16 21:48:11

debian

[SECURITY] [DLA 2904-1] expat security update

2022-01-30 21:42:20

[SECURITY] [DSA 5073-1] expat security update

2022-02-12 13:32:08

ubuntu

Expat vulnerabilities

2022-02-21 00:00:00

xmltok library vulnerabilities

2022-07-19 00:00:00

centos

expat security update

2022-03-29 22:31:03

cloudfoundry

USN-5288-1: Expat vulnerabilities | Cloud Foundry

2022-04-21 00:00:00

ics

Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products

2023-10-05 12:00:00

Siemens SINEMA Remote Connect Server

2022-06-16 12:00:00

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

cloudlinux

Fixed 13 CVEs in expat

2022-08-17 18:50:48

aix

AIX is affected by multiple vulnerabilities in Python

2022-07-28 13:12:18

gentoo

Expat: Multiple Vulnerabilities

2022-09-29 00:00:00

avleonov

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

2022-12-30 18:03:13

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.01 Low

EPSS

Percentile

83.6%

JSON

Related for VERACODE:33573