CVE-2022-43680

moderate-risk

Published 2022-10-24

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

Do I need to act?

0.56% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.5/10 High

NETWORK / LOW complexity

Affected Products (15)

Libexpat

Debian Linux

Fedora

H300S Firmware

H500S Firmware

H700S Firmware

H410S Firmware

H410C Firmware

Active Iq Unified Manager

Oncommand Workflow Automation

Solidfire \& Hci Management Node

Hci Compute Node Firmware

Affected Vendors

Debian Fedoraproject Netapp Libexpat Project

References (30)

Mailing List http://www.openwall.com/lists/oss-security/2023/12/28/5

Mailing List http://www.openwall.com/lists/oss-security/2024/01/03/5

Exploit https://github.com/libexpat/libexpat/issues/649

Exploit https://github.com/libexpat/libexpat/pull/616

Exploit https://github.com/libexpat/libexpat/pull/650

Mailing List https://lists.debian.org/debian-lts-announce/2022/10/msg00033.html

Mailing List https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapro...

Third Party Advisory https://security.gentoo.org/glsa/202210-38

Third Party Advisory https://security.netapp.com/advisory/ntap-20221118-0007/

Third Party Advisory https://www.debian.org/security/2022/dsa-5266

Mailing List http://www.openwall.com/lists/oss-security/2023/12/28/5

Mailing List http://www.openwall.com/lists/oss-security/2024/01/03/5

Exploit https://github.com/libexpat/libexpat/issues/649

Exploit https://github.com/libexpat/libexpat/pull/616

Exploit https://github.com/libexpat/libexpat/pull/650

and 10 more references

/ 100

moderate-risk

Severity 26/34 · High

Exploitability 2/34 · Minimal

Exposure 18/34 · Moderate