exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

CVE-2022-43680

Status Candidate

Overview

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

Related Files

Red Hat Security Advisory 2024-0421-03
Posted Jan 26, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-0421-03 - An update for expat is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-43680
SHA-256 | 06ac8cd906d12c4243794087603332fee66318f091fea05997fb4c1044865af0
Red Hat Security Advisory 2023-3355-01
Posted Jun 6, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-3355-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include bypass, denial of service, double free, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, web, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2006-20001, CVE-2022-25147, CVE-2022-4304, CVE-2022-43551, CVE-2022-43552, CVE-2022-43680, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-23914, CVE-2023-23915, CVE-2023-23916, CVE-2023-25690
SHA-256 | cced047a9c8b64215ce3e215ff5c91c3249ad0174bafa7de957f9317816d705d
Red Hat Security Advisory 2023-1448-01
Posted Mar 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-1448-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-10735, CVE-2021-28861, CVE-2021-46848, CVE-2022-35737, CVE-2022-40303, CVE-2022-40304, CVE-2022-40897, CVE-2022-41717, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-43680, CVE-2022-4415, CVE-2022-45061
SHA-256 | 1b193630b8e330c5beb2f6d03ac4f918994f47de1b014739c473097c892d1822
Red Hat Security Advisory 2023-0634-01
Posted Feb 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0634-01 - Logging Subsystem 5.6.1 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2021-46848, CVE-2022-35737, CVE-2022-3821, CVE-2022-40303, CVE-2022-40304, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-42898, CVE-2022-43680, CVE-2022-44617, CVE-2022-46175, CVE-2022-46285
SHA-256 | 46da8df8c00fedcfa94c9d28bd8cfa0801cbda6294e238eab09ed4d5fe39686d
Red Hat Security Advisory 2023-0630-01
Posted Feb 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0630-01 - This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include bypass and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-30629, CVE-2022-3517, CVE-2022-35737, CVE-2022-40303, CVE-2022-40304, CVE-2022-41912, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-43680, CVE-2023-22467
SHA-256 | 15ccdc826c7259de9a5ec38f689d87d9fdeded3191e269f8f680ca5a0884014a
Red Hat Security Advisory 2023-0468-01
Posted Jan 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0468-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-35737, CVE-2022-3821, CVE-2022-40303, CVE-2022-40304, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-43680, CVE-2023-22482
SHA-256 | 5191983ef8963168f6b03a1f224135a4fa9eeada78c0b5b38f2434fc9ad3b803
Red Hat Security Advisory 2023-0466-01
Posted Jan 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0466-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-35737, CVE-2022-40303, CVE-2022-40304, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-43680, CVE-2023-22482
SHA-256 | 2985071766a50a8e3a457c8ecadeaf4670df3071d1b6a482e2b61735fb6b27bb
Red Hat Security Advisory 2023-0467-01
Posted Jan 26, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0467-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2021-46848, CVE-2022-35737, CVE-2022-3821, CVE-2022-40303, CVE-2022-40304, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-43680, CVE-2023-22482, CVE-2023-22736
SHA-256 | 68ae094c0e95dda0baf1ff7d76924b49355a5993713728f9bc06bb8c1fa6df00
Red Hat Security Advisory 2023-0337-01
Posted Jan 24, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0337-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-43680
SHA-256 | 5e4dd758e61627e078d2442f0562e83e4af10673b0c7841fa1b4006e44a4d5bd
Red Hat Security Advisory 2023-0103-01
Posted Jan 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0103-01 - Expat is a C library for parsing XML documents. Issues addressed include a use-after-free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-43680
SHA-256 | 2e0a4e56304b83878bac582cb6d58aa687e4b112a2d05bc8c800847e3e4fc145
Ubuntu Security Notice USN-5638-3
Posted Nov 24, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5638-3 - USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. This update also fixes a minor regression introduced in Ubuntu 18.04 LTS.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-43680
SHA-256 | 2532563008e029e5ba0c79ed2b95123070ba281491fe1c60cfa1f24a3d4a0ee8
Gentoo Linux Security Advisory 202210-38
Posted Nov 1, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-38 - A vulnerability has been found in Expat which could result in denial of service. Versions less than 2.5.0 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2022-43680
SHA-256 | 148a459d1873a4978eb1ea1f4339444a55cc9512a48cd671db16503252f74090
Debian Security Advisory 5266-1
Posted Oct 31, 2022
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5266-1 - A heap use-after-free vulnerability after overeager destruction of a shared DTD in the XML_ExternalEntityParserCreate function in Expat, an XML parsing C library, may result in denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2022-43680
SHA-256 | 322101dc26693e978fb7c1c772e4722e79ec519d4a8ef492d7c487c1a72f29af
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close