Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2022-1069
HistoryMar 28, 2022 - 12:00 a.m.

expat security update

2022-03-2800:00:00
linux.oracle.com
47

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

JSON

[2.1.0-14.0.1]

  • lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910302]
    [2.1.0-14]
  • Fix multiple CVEs
  • CVE-2022-25236 expat: namespace-separator characters in ‘xmlns[:prefix]’ attribute values can lead to arbitrary code execution
  • CVE-2022-25235 expat: malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
  • CVE-2022-25315 expat: integer overflow in storeRawNames()
  • Resolves: CVE-2022-25236
  • Resolves: CVE-2022-25235
  • Resolves: CVE-2022-25315
    [2.1.0-13]
  • Fix multiple CVEs
  • CVE-2022-23852 expat: integer overflow in function XML_GetBuffer
  • CVE-2021-45960 expat: Large number of prefixed XML attributes on a single tag can crash libexpat
  • CVE-2021-46143 expat: Integer overflow in doProlog in xmlparse.c
  • CVE-2022-22827 Integer overflow in storeAtts in xmlparse.c
  • CVE-2022-22826 Integer overflow in nextScaffoldPart in xmlparse.c
  • CVE-2022-22825 Integer overflow in lookup in xmlparse.c
  • CVE-2022-22824 Integer overflow in defineAttribute in xmlparse.c
  • CVE-2022-22823 Integer overflow in build_model in xmlparse.c
  • CVE-2022-22822 Integer overflow in addBinding in xmlparse.c
  • Resolves: CVE-2022-23852
  • Resolves: CVE-2021-45960
  • Resolves: CVE-2021-46143
  • Resolves: CVE-2022-22827
  • Resolves: CVE-2022-22826
  • Resolves: CVE-2022-22825
  • Resolves: CVE-2022-22824
  • Resolves: CVE-2022-22823
  • Resolves: CVE-2022-22822
OSVersionArchitecturePackageVersionFilename
oracle linux7srcexpat< 2.1.0-14.0.1.el7_9expat-2.1.0-14.0.1.el7_9.src.rpm
oracle linux7aarch64expat< 2.1.0-14.0.1.el7_9expat-2.1.0-14.0.1.el7_9.aarch64.rpm
oracle linux7aarch64expat-devel< 2.1.0-14.0.1.el7_9expat-devel-2.1.0-14.0.1.el7_9.aarch64.rpm
oracle linux7aarch64expat-static< 2.1.0-14.0.1.el7_9expat-static-2.1.0-14.0.1.el7_9.aarch64.rpm
oracle linux7srcexpat< 2.1.0-14.0.1.el7_9expat-2.1.0-14.0.1.el7_9.src.rpm
oracle linux7i686expat< 2.1.0-14.0.1.el7_9expat-2.1.0-14.0.1.el7_9.i686.rpm
oracle linux7x86_64expat< 2.1.0-14.0.1.el7_9expat-2.1.0-14.0.1.el7_9.x86_64.rpm
oracle linux7i686expat-devel< 2.1.0-14.0.1.el7_9expat-devel-2.1.0-14.0.1.el7_9.i686.rpm
oracle linux7x86_64expat-devel< 2.1.0-14.0.1.el7_9expat-devel-2.1.0-14.0.1.el7_9.x86_64.rpm
oracle linux7i686expat-static< 2.1.0-14.0.1.el7_9expat-static-2.1.0-14.0.1.el7_9.i686.rpm
Rows per page:
1-10 of 111

Related

osv 11
nessus 88
redhat 15
almalinux 3
rocky 2
centos 1
ibm 29
oraclelinux 3
cloudlinux 1
hp 1
suse 3
mageia 2
slackware 2
ubuntu 2
cloudfoundry 1
altlinux 1
ics 2
amazon 4
debian 4
aix 1
photon 6
gentoo 1
f5 3
ubuntucve 6
fedora 6
redos 1
osv
osv
Important: expat security update
2022-03-16 00:00:00
Important: expat security update
2022-03-16 15:13:06
expat vulnerabilities
2022-02-21 14:48:40
nessus
nessus
CentOS 7 : expat (CESA-2022:1069)
2022-03-30 00:00:00
Rocky Linux 8 : expat (RLSA-2022:0951)
2023-11-06 00:00:00
NewStart CGSL MAIN 6.02 : expat Multiple Vulnerabilities (NS-SA-2022-0098)
2022-11-15 00:00:00
redhat
redhat
(RHSA-2022:0951) Important: expat security update
2022-03-16 15:13:06
(RHSA-2022:1069) Important: expat security update
2022-03-28 08:42:24
(RHSA-2022:7692) Moderate: xmlrpc-c security update
2022-11-08 06:26:32
almalinux
almalinux
Important: expat security update
2022-03-16 00:00:00
Moderate: xmlrpc-c security update
2022-11-08 00:00:00
Important: mingw-expat security update
2022-11-08 00:00:00
rocky
rocky
expat security update
2022-03-16 15:13:06
xmlrpc-c security update
2022-11-08 06:26:32
centos
centos
expat security update
2022-03-29 22:31:03
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in Expact library.
2022-07-19 08:54:07
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server affect IBM Business Automation Workflow and IBM Business Process Manager
2022-09-14 15:28:14
Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by IBM WebSphere Application Server due to Expat vulnerabilities
2022-03-02 18:47:38
oraclelinux
oraclelinux
expat security update
2022-03-16 00:00:00
xmlrpc-c security update
2022-11-15 00:00:00
expat security update
2022-05-06 00:00:00
cloudlinux
cloudlinux
Fixed 13 CVEs in expat
2022-08-17 18:50:48
hp
hp
Expat Library update for Teradici PCoIP Software and Firmware
2022-04-11 00:00:00
suse
suse
Security update for expat (important)
2022-01-25 00:00:00
Security update for expat (important)
2022-03-04 00:00:00
Security update for expat (important)
2022-07-06 00:00:00
mageia
mageia
Updated expat packages fix security vulnerability
2022-01-25 15:13:11
Updated expat packages fix security vulnerability
2022-02-22 23:15:16
slackware
slackware
[slackware-security] expat
2022-01-16 21:48:11
[slackware-security] expat
2022-02-20 05:16:42
ubuntu
ubuntu
Expat vulnerabilities
2022-02-21 00:00:00
xmltok library vulnerabilities
2022-07-19 00:00:00
cloudfoundry
cloudfoundry
USN-5288-1: Expat vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package expat version 2.4.3-alt1
2022-01-31 00:00:00
ics
ics
Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Products
2023-10-05 12:00:00
Siemens SINEMA Remote Connect Server
2022-06-16 12:00:00
amazon
amazon
Medium: expat
2022-06-30 23:38:00
Medium: expat
2022-07-06 03:09:00
Critical: expat
2022-03-09 22:13:00
debian
debian
[SECURITY] [DSA 5073-1] expat security update
2022-02-12 13:32:08
[SECURITY] [DLA 2904-1] expat security update
2022-01-30 21:42:20
[SECURITY] [DLA 2935-1] expat security update
2022-03-07 13:35:55
aix
aix
AIX is affected by multiple vulnerabilities in Python
2022-07-28 13:12:18
photon
photon
Critical Photon OS Security Update - PHSA-2022-0462
2022-01-22 00:00:00
Critical Photon OS Security Update - PHSA-2022-0431
2022-01-23 00:00:00
Critical Photon OS Security Update - PHSA-2022-0353
2022-01-19 00:00:00
gentoo
gentoo
Expat: Multiple Vulnerabilities
2022-09-29 00:00:00
f5
f5
K91589041 : Expat vulnerabilities CVE-2021-45960, CVE-2022-22825, CVE-2022-22826, and CVE-2022-22827
2022-05-01 00:00:00
K19473898 : Expat vulnerabilities CVE-2022-23852, CVE-2022-25235, CVE-2022-25236, and CVE-2022-25315
2022-04-30 00:00:00
K23421535 : Expat vulnerabilities CVE-2022-22822, CVE-2022-22823, and CVE-2022-22824
2022-05-01 00:00:00
ubuntucve
ubuntucve
CVE-2022-22825
2022-01-10 00:00:00
CVE-2022-22823
2022-01-10 00:00:00
CVE-2022-22826
2022-01-10 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: thunderbird-91.7.0-1.fc35
2022-03-17 15:49:04
[SECURITY] Fedora 36 Update: thunderbird-102.7.1-2.fc36
2023-02-03 01:42:19
[SECURITY] Fedora 34 Update: thunderbird-91.7.0-1.fc34
2022-03-18 19:15:01
redos
redos
ROS-20220225-01
2022-02-25 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

JSON
Related for ELSA-2022-1069
osv11nessus88redhat15almalinux3rocky2centos1ibm29oraclelinux3cloudlinux1hp1suse3mageia2slackware2ubuntu2cloudfoundry1altlinux1ics2amazon4debian4aix1photon6gentoo1f53ubuntucve6fedora6redos1