CVE-2022-43680

ADVISORY - nist

Summary

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

EPSS Score⁠: 0.00244 (0.477)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-416⁠

Use After Free

ADVISORY - redhat

CWE-416⁠

Use After Free

Impacted images

Advisories

NIST

CREATED

3 years ago

UPDATED

2 months ago

ADVISORY IDCVE-2022-43680⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

7.5high

Alpine

CREATED

3 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2022-43680⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

3 years ago

UPDATED

3 days ago

ADVISORY IDCVE-2022-43680⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

3 years ago

UPDATED

5 days ago

ADVISORY IDCVE-2022-43680⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

7.5medium

Alma

CREATED

3 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2023:0103⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Alma

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALSA-2023:0337⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Amazon

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALAS-2022-1655⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDALAS2-2022-1885⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

1 year ago

UPDATED

4 months ago

ADVISORY IDALAS2022-2022-261⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Amazon

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDALAS2023-2023-058⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Acritical

Red Hat

CREATED

3 years ago

UPDATED

4 months ago

ADVISORY IDCVE-2022-43680⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-416⁠

CVSS SCORE

7.5medium

Rocky

CREATED

3 years ago

UPDATED

4 months ago

ADVISORY IDRLSA-2023:0103⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Rocky

CREATED

2 years ago

UPDATED

4 months ago

ADVISORY IDRLSA-2023:0337⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Oracle

CREATED

3 years ago

UPDATED

3 years ago

ADVISORY IDELSA-2023-0103⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Oracle

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDELSA-2023-0337⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

1 year ago

UPDATED

1 year ago

ADVISORY ID

CGA-v325-wv3h-279c

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

intheWild

CREATED

4 months ago

UPDATED

4 months ago

ADVISORY IDCVE-2022-43680⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY