Rhodri James discovered that Expat incorrectly handled memory when
processing certain malformed XML files. An attacker could possibly
use this issue to cause a crash or execute arbitrary code.

References

ubuntu.com/security/CVE-2022-40674

ubuntu.com/security/notices/USN-5638-1

nessus 79

photon 1

oraclelinux 11

f5 1

cve 1

redhatcve 1

openvas 24

mageia 3

osv 14

amazon 2

redhat 21

cbl_mariner 2

almalinux 7

ibm 7

cgr 1

ubuntucve 1

githubexploit 2

wolfi 1

rocky 4

slackware 2

centos 1

veracode 1

prion 1

freebsd 1

fedora 2

rosalinux 1

suse 2

cloudlinux 1

debiancve 1

alpinelinux 1

debian 2

nessus

EulerOS Virtualization 2.9.1 : expat (EulerOS-SA-2023-1190)

2023-01-11 00:00:00

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current expat Vulnerability (SSA:2022-263-01)

2022-09-20 00:00:00

Fedora 35 : expat (2022-c68d90efc3)

2022-12-23 00:00:00

photon

Critical Photon OS Security Update - PHSA-2022-0249

2022-09-21 00:00:00

oraclelinux

expat security update

2022-10-29 00:00:00

firefox security update

2022-10-20 00:00:00

firefox security update

2022-10-27 00:00:00

K44454157 : Expat vulnerability CVE-2022-40674

2022-10-31 00:00:00

cve

CVE-2022-40674

2022-09-14 11:15:00

redhatcve

CVE-2022-40674

2022-09-29 05:18:54

openvas

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-2762)

2022-11-14 00:00:00

Mageia: Security Advisory (MGASA-2022-0399)

2022-10-28 00:00:00

Fedora: Security Advisory for expat (FEDORA-2022-15ec504440)

2022-10-08 00:00:00

mageia

Updated expat packages fix security vulnerability

2022-10-01 20:48:24

Updated thunderbird packages fix security vulnerability

2022-10-28 09:54:08

Updated firefox packages fix security vulnerability

2022-10-28 09:54:08

osv

Important: thunderbird security update

2022-10-18 17:40:48

Important: expat security update

2022-10-06 00:00:00

expat - security update

2022-09-22 00:00:00

amazon

Important: expat

2022-10-31 19:40:00

Important: expat

2022-12-01 17:34:00

redhat

(RHSA-2022:7021) Important: thunderbird security update

2022-10-18 17:40:32

(RHSA-2022:6996) Important: thunderbird security update

2022-10-18 12:25:34

(RHSA-2022:6967) Important: compat-expat1 security update

2022-10-17 08:01:11

cbl_mariner

CVE-2022-40674 affecting package expat 2.4.8-1

2022-09-23 18:23:13

CVE-2022-40674 affecting package expat 2.4.6-1

2022-10-04 07:51:28

almalinux

Important: expat security update

2022-10-06 00:00:00

Important: expat security update

2022-10-11 00:00:00

Important: mingw-expat security update

2023-05-16 00:00:00

ibm

Security Bulletin: IBM Tivoli Monitoring is vulnerable to remote code execution [CVE-2022-40674]

2022-12-30 17:31:59

Security Bulletin: Vulnerability in libexpat affects IBM Cloud Pak System [CVE-2022-40674]

2023-03-31 14:54:21

Security Bulletin: IBM HTTP Server is vulnerable to arbitrary code execution due to Expat (CVE-2022-40674)

2022-10-05 19:06:31

cgr

CVE-2022-40674 vulnerabilities

2024-02-06 23:19:33

ubuntucve

CVE-2022-40674

2022-09-14 00:00:00

githubexploit

Exploit for Use After Free in Libexpat Project Libexpat

2022-10-19 11:15:29

Exploit for Use After Free in Libexpat Project Libexpat

2022-10-19 11:15:29

wolfi

CVE-2022-40674 vulnerabilities

2024-02-07 01:47:52

rocky

thunderbird security update

2022-10-18 17:40:48

expat security update

2022-10-11 12:38:26

firefox security update

2022-10-18 17:41:04

slackware

[slackware-security] python3

2022-10-14 01:46:13

[slackware-security] expat

2022-09-20 22:58:31

centos

expat security update

2022-10-26 14:19:51

veracode

Use-After-Free

2022-09-15 08:37:15

prion

Design/Logic Flaw

2022-09-14 11:15:00

freebsd

expat -- Heap use-after-free vulnerability

2022-09-14 00:00:00

fedora

[SECURITY] Fedora 36 Update: expat-2.4.9-1.fc36

2022-10-07 15:56:55

[SECURITY] Fedora 35 Update: expat-2.4.9-1.fc35

2022-10-14 12:58:55

rosalinux

Advisory ROSA-SA-2023-2168

2023-06-20 09:22:31

suse

Security update for expat (important)

2022-10-17 00:00:00

Security update for expat (important)

2022-10-01 00:00:00

cloudlinux

Fixed CVE-2022-40674 in expat

2022-09-26 11:53:23

debiancve

CVE-2022-40674

2022-09-14 11:15:00

alpinelinux

CVE-2022-40674

2022-09-14 11:15:00

debian

[SECURITY] [DSA 5236-1] expat security update

2022-09-22 20:17:33

[SECURITY] [DLA 3119-1] expat security update

2022-09-25 07:05:40

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
OpenSource

@2024 Vulners Inc

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

76.8%

JSON

Related for OSV:USN-5638-1