CVE-2022-40674 - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

CVE-2022-40674

Summary

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

References

Vulnerable Configurations

cpe:2.3:a:libexpat_project:libexpat:-:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:-:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.2:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.2:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.3:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.3:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.4:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.4:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.5:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.5:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.6:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.6:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.7:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.7:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.8:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:1.95.8:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.3:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.4:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.5:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.6:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.7:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.8:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.9:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.2.10:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.3:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.4:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.5:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.6:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.7:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.8:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:libexpat_project:libexpat:2.4.9:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

01-02-2023 - 19:16

Published

14-09-2022 - 11:15

Last modified

01-02-2023 - 19:16