Showing 26 - 28 of 28

CVE-2022-25236

Status Candidate

Overview

xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.

Red Hat Security Advisory 2022-0824-01: Posted Mar 11, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0824-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.7.0 ESR. Issues addressed include bypass, code execution, integer overflow, and use-after-free vulnerabilities.; tags | advisory, web, overflow, vulnerability, code execution; systems | linux, redhat; advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25315, CVE-2022-26381, CVE-2022-26383, CVE-2022-26384, CVE-2022-26386, CVE-2022-26387, CVE-2022-26485, CVE-2022-26486; SHA-256 | f68b5b2d825ea8ea88fe125146cc153021465e2fbb031ab5be601caba75131fb; Download | Favorite | View

Ubuntu Security Notice USN-5320-1: Posted Mar 10, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5320-1 - USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required. This update address this regression and several other vulnerabilities. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, ubuntu; advisories | CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315; SHA-256 | f73ffaf6eb03b92ee8fa616e8b96fe44c883861c77e20c470a4a5a8c89b228da; Download | Favorite | View

Debian Security Advisory 5085-1: Posted Feb 28, 2022; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5085-1 - Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed.; tags | advisory, denial of service, arbitrary, vulnerability; systems | linux, debian; advisories | CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315; SHA-256 | 0a1c5c3e3f1598ea66cbd52fa5a77ab866124388437e58a6c8661edb8f48157e; Download | Favorite | View

Page 2 of 2 Back 1 2 Next