Debian CVE-2022-40674: expat: a use-after-free in the doContent function
Bug #1994107 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Yue Tao |
Bug Description
CVE-2022-40674: [https:/
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
Score:
cve_id status cvss3Score av ac pr ui ai
CVE-2022-40674 fixed 9.8 N L N N H
References:
https:/
['libexpat1_
Found during September 2022 CVE scan using vulscan
CVE References
To post a comment you must log in.
screening: stx.8.0 / medium - CVE meets the stx fix criteria