CVE-2022-40674

Description

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

Related CPE's

a libexpat_project libexpat ********

References

https://github.com/libexpat/libexpat/pull/629

Issue TrackingPatchThird Party Advisory

https://github.com/libexpat/libexpat/pull/640

Issue TrackingPatchThird Party Advisory

[debian-lts-announce] 20220925 [SECURITY] [DLA 3119-1] expat security update

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io