Found during April 2022 CVE Scan
CVE-2022-23990: https://nvd.nist.gov/vuln/detail/CVE-2022-23990 Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Description:
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Score: cve_id status cvss2Score av ac au ai
CVE-2022-23990 fixed 7.5 N L N C
Note:
No fix on CentOS 7, so we need to covert expat to source rpm and fix it by applying a source patch
Severity: Critical CVE
Found during April 2022 CVE Scan
CVE-2022-23990: https:/ /nvd.nist. gov/vuln/ detail/ CVE-2022- 23990
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Description:
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Score:
cve_id status cvss2Score av ac au ai
CVE-2022-23990 fixed 7.5 N L N C
Note:
No fix on CentOS 7, so we need to covert expat to source rpm and fix it by applying a source patch
Severity: Critical CVE