CVE-2022-23990

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 88%
Affected Products (NVD)
VendorProductVersion
libexpat_projectlibexpat
𝑥
< 2.4.4
tenablenessus
𝑥
< 8.15.3
tenablenessus
10.0.0 ≤
𝑥
< 10.1.1
oraclecommunications_metasolv_solution
6.3.1
debiandebian_linux
10.0
debiandebian_linux
11.0
siemenssinema_remote_connect_server
𝑥
< 3.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
expat
bookworm
2.5.0-1
fixed
bookworm (security)
2.5.0-1+deb12u1
fixed
bullseye
2.2.10-2+deb11u5
fixed
bullseye (security)
2.2.10-2+deb11u6
fixed
sid
2.6.3-2
fixed
trixie
2.6.3-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
apache2
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
not-affected
xenial
not-affected
apr-util
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
not-affected
xenial
not-affected
ayttm
bionic
dne
focal
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
not-affected
cableswig
bionic
dne
focal
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
not-affected
cadaver
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
dne
xenial
not-affected
cmake
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
not-affected
coin3
bionic
needed
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
needed
xenial
needed
expat
bionic
Fixed 2.2.5-3ubuntu0.4
released
focal
Fixed 2.2.9-1ubuntu0.2
released
impish
Fixed 2.4.1-2ubuntu0.1
released
jammy
Fixed 2.4.3-3
released
kinetic
Fixed 2.4.3-3
released
lunar
Fixed 2.4.3-3
released
mantic
Fixed 2.4.3-3
released
noble
Fixed 2.4.3-3
released
trusty
Fixed 2.1.0-4ubuntu1.4+esm4
released
xenial
Fixed 2.1.0-7ubuntu0.16.04.5+esm2
released
firefox
bionic
ignored
focal
ignored
impish
ignored
jammy
Fixed 1:1snap1-0ubuntu1
released
kinetic
Fixed 1:1snap1-0ubuntu1
released
lunar
Fixed 1:1snap1-0ubuntu1
released
mantic
Fixed 1:1snap1-0ubuntu1
released
noble
Fixed 1:1snap1-0ubuntu1
released
trusty
dne
xenial
ignored
gdcm
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
not-affected
xenial
not-affected
ghostscript
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
not-affected
insighttoolkit
bionic
dne
focal
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
not-affected
insighttoolkit4
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
dne
noble
dne
trusty
dne
xenial
not-affected
libxmltok
bionic
not-affected
focal
not-affected
hirsute
ignored
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
ignored
xenial
not-affected
matanza
bionic
needed
focal
needed
impish
ignored
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
dne
xenial
needed
smart
bionic
not-affected
focal
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
not-affected
swish-e
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
dne
xenial
not-affected
tdom
bionic
needed
focal
needed
impish
ignored
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
dne
xenial
needed
texlive-bin
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
dne
xenial
not-affected
thunderbird
bionic
ignored
focal
ignored
impish
ignored
jammy
ignored
kinetic
ignored
lunar
ignored
mantic
ignored
noble
ignored
trusty
dne
xenial
ignored
vnc4
bionic
not-affected
focal
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
not-affected
xenial
not-affected
vtk
bionic
dne
focal
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
not-affected
xenial
not-affected
wbxml2
bionic
needed
focal
needed
impish
ignored
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
dne
xenial
needed
xmlrpc-c
bionic
not-affected
focal
not-affected
impish
not-affected
jammy
needs-triage
kinetic
ignored
lunar
ignored
mantic
ignored
noble
needs-triage
trusty
not-affected
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
expat
suse enterprise desktop 15 SP3
2.2.5-3.12.1
fixed
suse enterprise desktop 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise desktop 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise desktop 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise desktop 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise sap 12 SP3
2.1.0-21.15.1
fixed
suse enterprise sap 12 SP4
2.1.0-21.15.1
fixed
suse enterprise sap 12 SP5
2.1.0-21.15.1
fixed
suse enterprise sap 15
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP1
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP2
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP3
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise sap 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise sap 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise sap 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise server 12 SP2
2.1.0-21.15.1
fixed
suse enterprise server 12 SP3
2.1.0-21.15.1
fixed
suse enterprise server 12 SP4
2.1.0-21.15.1
fixed
suse enterprise server 12 SP5
2.1.0-21.15.1
fixed
suse enterprise server 15
2.2.5-3.12.1
fixed
suse enterprise server 15 SP1
2.2.5-3.12.1
fixed
suse enterprise server 15 SP2
2.2.5-3.12.1
fixed
suse enterprise server 15 SP3
2.2.5-3.12.1
fixed
suse enterprise server 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise server 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise server 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise server 15 SP7
2.6.4-150700.1.4
fixed
libexpat-devel
suse enterprise desktop 15 SP3
2.2.5-3.12.1
fixed
suse enterprise desktop 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise desktop 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise desktop 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise desktop 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise sap 15
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP1
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP2
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP3
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise sap 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise sap 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise sap 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise server 15
2.2.5-3.12.1
fixed
suse enterprise server 15 SP1
2.2.5-3.12.1
fixed
suse enterprise server 15 SP2
2.2.5-3.12.1
fixed
suse enterprise server 15 SP3
2.2.5-3.12.1
fixed
suse enterprise server 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise server 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise server 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise server 15 SP7
2.6.4-150700.1.4
fixed
libexpat1
suse enterprise desktop 15 SP3
2.2.5-3.12.1
fixed
suse enterprise desktop 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise desktop 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise desktop 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise desktop 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise sap 12 SP3
2.1.0-21.15.1
fixed
suse enterprise sap 12 SP4
2.1.0-21.15.1
fixed
suse enterprise sap 12 SP5
2.1.0-21.15.1
fixed
suse enterprise sap 15
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP1
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP2
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP3
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise sap 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise sap 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise sap 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise server 12 SP2
2.1.0-21.15.1
fixed
suse enterprise server 12 SP3
2.1.0-21.15.1
fixed
suse enterprise server 12 SP4
2.1.0-21.15.1
fixed
suse enterprise server 12 SP5
2.1.0-21.15.1
fixed
suse enterprise server 15
2.2.5-3.12.1
fixed
suse enterprise server 15 SP1
2.2.5-3.12.1
fixed
suse enterprise server 15 SP2
2.2.5-3.12.1
fixed
suse enterprise server 15 SP3
2.2.5-3.12.1
fixed
suse enterprise server 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise server 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise server 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise server 15 SP7
2.6.4-150700.1.4
fixed
libexpat1-32bit
suse enterprise desktop 15 SP3
2.2.5-3.12.1
fixed
suse enterprise desktop 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise desktop 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise desktop 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise desktop 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise sap 12 SP3
2.1.0-21.15.1
fixed
suse enterprise sap 12 SP4
2.1.0-21.15.1
fixed
suse enterprise sap 12 SP5
2.1.0-21.15.1
fixed
suse enterprise sap 15
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP1
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP2
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP3
2.2.5-3.12.1
fixed
suse enterprise sap 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise sap 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise sap 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise sap 15 SP7
2.6.4-150700.1.4
fixed
suse enterprise server 12 SP2
2.1.0-21.15.1
fixed
suse enterprise server 12 SP3
2.1.0-21.15.1
fixed
suse enterprise server 12 SP4
2.1.0-21.15.1
fixed
suse enterprise server 12 SP5
2.1.0-21.15.1
fixed
suse enterprise server 15
2.2.5-3.12.1
fixed
suse enterprise server 15 SP1
2.2.5-3.12.1
fixed
suse enterprise server 15 SP2
2.2.5-3.12.1
fixed
suse enterprise server 15 SP3
2.2.5-3.12.1
fixed
suse enterprise server 15 SP4
2.4.4-150400.2.24
fixed
suse enterprise server 15 SP5
2.4.4-150400.3.12.1
fixed
suse enterprise server 15 SP6
2.4.4-150400.3.17.1
fixed
suse enterprise server 15 SP7
2.6.4-150700.1.4
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
expat
RHEL 8
0:2.5.0-1.el8_10
fixed
RHEL 9
0:2.2.10-12.el9_0
fixed
expat-devel
RHEL 8
0:2.5.0-1.el8_10
fixed
RHEL 9
0:2.2.10-12.el9_0
fixed
mingw32-expat
RHEL 8
0:2.4.8-1.el8
fixed
mingw64-expat
RHEL 8
0:2.4.8-1.el8
fixed
Common Weakness Enumeration
References
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://github.com/libexpat/libexpat/pull/551
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://security.gentoo.org/glsa/202209-24
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05
https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf
https://github.com/libexpat/libexpat/pull/551
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/34NXVL2RZC2YZRV74ZQ3RNFB7WCEUP7D/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R7FF2UH7MPXKTADYSJUAHI2Y5UHBSHUH/
https://security.gentoo.org/glsa/202209-24
https://www.debian.org/security/2022/dsa-5073
https://www.oracle.com/security-alerts/cpuapr2022.html
https://www.tenable.com/security/tns-2022-05