{"id":"CLSA-2022-1660762248","summary":"Fixed 13 CVEs in expat","details":"- CVE-2022-25236: Fix insertion of namespace-separator characters into\n  namespace URIs\n- CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to\n  arbitrary code execution\n- CVE-2022-25315: Fix integer overflow in storeRawNames()\n- CVE-2022-22822: Fix integer overflow in addBinding()\n- CVE-2022-22823: Fix integer overflow in build_model()\n- CVE-2022-22824: Fix integer overflow in defineAttribute()\n- CVE-2022-22825: Fix integer overflow in lookup()\n- CVE-2022-22826: Fix integer overflow in nextScaffoldPart()\n- CVE-2022-22827: Fix integer overflow in storeAtts()\n- CVE-2022-23852: Fix integer overflow in XML_GetBuffer()\n- CVE-2021-46143: Fix integer overflow on m_groupSize in doProlog()\n- CVE-2021-45960: Fix troublesome left shifts in storeAtts()\n- CVE-2022-23990: Fix integer overflow in doProlog()","modified":"2026-05-27T11:33:32.548078308Z","published":"2022-08-17T18:50:48Z","upstream":["CVE-2021-45960","CVE-2021-46143","CVE-2022-22822","CVE-2022-22823","CVE-2022-22824","CVE-2022-22825","CVE-2022-22826","CVE-2022-22827","CVE-2022-23852","CVE-2022-23990","CVE-2022-25235","CVE-2022-25236","CVE-2022-25315"],"references":[{"type":"ADVISORY","url":"https://errata.cloudlinux.com/els6/CLSA-2022-1660762248.html"}],"affected":[{"package":{"name":"expat","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/expat?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.1-13.el6_8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1660762248.json"}},{"package":{"name":"expat-devel","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/expat-devel?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.1-13.el6_8.tuxcare.els1"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2022-1660762248.json"}}],"schema_version":"1.7.5"}