rpm package
opensuse/expat&distro=openSUSE Leap Micro 5.2
pkg:rpm/opensuse/expat&distro=openSUSE%20Leap%20Micro%205.2
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-43680 | — | < 2.2.5-150000.3.25.1 | 2.2.5-150000.3.25.1 | Oct 24, 2022 | In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. | ||
| CVE-2022-40674 | — | < 2.2.5-150000.3.22.1 | 2.2.5-150000.3.22.1 | Sep 14, 2022 | libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. |
- CVE-2022-43680Oct 24, 2022affected < 2.2.5-150000.3.25.1fixed 2.2.5-150000.3.25.1
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
- CVE-2022-40674Sep 14, 2022affected < 2.2.5-150000.3.22.1fixed 2.2.5-150000.3.22.1
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.