{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-29T16:07:09", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/libexpat/libexpat/pull/562"}, {"name": "[oss-security] 20220219 Expat 2.4.5 released, includes 5 security fixes", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/02/19/1"}, {"name": "DSA-5085", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2022/dsa-5085"}, {"name": "FEDORA-2022-04f206996b", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/"}, {"name": "FEDORA-2022-3d9d67f558", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/"}, {"name": "[debian-lts-announce] 20220307 [SECURITY] [DLA 2935-1] expat security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20220303-0008/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"}, {"name": "GLSA-202209-24", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202209-24"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-25235", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/libexpat/libexpat/pull/562", "refsource": "MISC", "url": "https://github.com/libexpat/libexpat/pull/562"}, {"name": "[oss-security] 20220219 Expat 2.4.5 released, includes 5 security fixes", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/02/19/1"}, {"name": "DSA-5085", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2022/dsa-5085"}, {"name": "FEDORA-2022-04f206996b", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/"}, {"name": "FEDORA-2022-3d9d67f558", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/"}, {"name": "[debian-lts-announce] 20220307 [SECURITY] [DLA 2935-1] expat security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"name": "https://security.netapp.com/advisory/ntap-20220303-0008/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220303-0008/"}, {"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"}, {"name": "GLSA-202209-24", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202209-24"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:36:06.591Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/libexpat/libexpat/pull/562"}, {"name": "[oss-security] 20220219 Expat 2.4.5 released, includes 5 security fixes", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/02/19/1"}, {"name": "DSA-5085", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2022/dsa-5085"}, {"name": "FEDORA-2022-04f206996b", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/"}, {"name": "FEDORA-2022-3d9d67f558", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/"}, {"name": "[debian-lts-announce] 20220307 [SECURITY] [DLA 2935-1] expat security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20220303-0008/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"}, {"name": "GLSA-202209-24", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202209-24"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-25235", "datePublished": "2022-02-16T00:40:20", "dateReserved": "2022-02-16T00:00:00", "dateUpdated": "2024-08-03T04:36:06.591Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libexpat_project:libexpat:*:*:*:*:*:*:*:*", "matchCriteriaId": "00DE2EDB-AEA7-4BA2-9588-A6C05BE661E4", "versionEndExcluding": "2.4.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*", "matchCriteriaId": "A930E247-0B43-43CB-98FF-6CE7B8189835", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "98CC9C9A-FE14-4D50-A8EC-C309229356C8", "versionEndExcluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context."}, {"lang": "es", "value": "El archivo xmltok_impl.c en Expat (tambi\u00e9n se conoce como libexpat) versiones anteriores a 2.4.5, carece de determinada comprobaci\u00f3n de codificaci\u00f3n, como comprueba si un car\u00e1cter UTF-8 es v\u00e1lido en un determinado contexto"}], "id": "CVE-2022-25235", "lastModified": "2023-11-07T03:44:44.940", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-16T01:15:07.607", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/02/19/1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-484086.pdf"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/libexpat/libexpat/pull/562"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00007.html"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3UFRBA3UQVIQKXTBUQXDWQOVWNBKLERU/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y27XO3JMKAOMQZVPS3B4MJGEAHCZF5OM/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202209-24"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220303-0008/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2022/dsa-5085"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-116"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2022:1309", "cpe": "cpe:/o:redhat:rhel_els:6", "package": "expat-0:2.0.1-14.el6_10", "product_name": "Red Hat Enterprise Linux 6 Extended Lifecycle Support", "release_date": "2022-04-12T00:00:00Z"}, {"advisory": "RHSA-2022:0824", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "firefox-0:91.7.0-3.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-03-10T00:00:00Z"}, {"advisory": "RHSA-2022:0850", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "thunderbird-0:91.7.0-2.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-03-14T00:00:00Z"}, {"advisory": "RHSA-2022:1069", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "expat-0:2.1.0-14.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2022-03-28T00:00:00Z"}, {"advisory": "RHSA-2022:0818", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "firefox-0:91.7.0-3.el8_5", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-03-10T00:00:00Z"}, {"advisory": "RHSA-2022:0845", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "thunderbird-0:91.7.0-2.el8_5", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-03-14T00:00:00Z"}, {"advisory": "RHSA-2022:7811", "cpe": "cpe:/a:redhat:enterprise_linux:8::crb", "package": "mingw-expat-0:2.4.8-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:0951", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "expat-0:2.2.5-4.el8_5.3", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-03-16T00:00:00Z"}, {"advisory": "RHSA-2022:1643", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "xmlrpc-c-0:1.51.0-5.el8_5.1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-04-28T00:00:00Z"}, {"advisory": "RHSA-2022:0815", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "firefox-0:91.7.0-3.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-03-10T00:00:00Z"}, {"advisory": "RHSA-2022:0847", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "thunderbird-0:91.7.0-2.el8_1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-03-14T00:00:00Z"}, {"advisory": "RHSA-2022:1068", "cpe": "cpe:/o:redhat:rhel_e4s:8.1", "package": "expat-0:2.2.5-3.el8_1.1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-03-28T00:00:00Z"}, {"advisory": "RHSA-2022:1539", "cpe": "cpe:/o:redhat:rhel_e4s:8.1", "package": "xmlrpc-c-0:1.51.0-5.el8_1.1", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-04-26T00:00:00Z"}, {"advisory": "RHSA-2022:0816", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "firefox-0:91.7.0-3.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-03-10T00:00:00Z"}, {"advisory": "RHSA-2022:0843", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "thunderbird-0:91.7.0-2.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-03-14T00:00:00Z"}, {"advisory": "RHSA-2022:1070", "cpe": "cpe:/o:redhat:rhel_eus:8.2", "package": "expat-0:2.2.5-3.el8_2.2", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-03-28T00:00:00Z"}, {"advisory": "RHSA-2022:1540", "cpe": "cpe:/o:redhat:rhel_eus:8.2", "package": "xmlrpc-c-0:1.51.0-5.el8_2.1", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-04-26T00:00:00Z"}, {"advisory": "RHSA-2022:0817", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "firefox-0:91.7.0-3.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-03-10T00:00:00Z"}, {"advisory": "RHSA-2022:0853", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "thunderbird-0:91.7.0-2.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-03-14T00:00:00Z"}, {"advisory": "RHSA-2022:1012", "cpe": "cpe:/o:redhat:rhel_eus:8.4", "package": "expat-0:2.2.5-4.el8_4.2", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-03-22T00:00:00Z"}, {"advisory": "RHSA-2022:1644", "cpe": "cpe:/o:redhat:rhel_eus:8.4", "package": "xmlrpc-c-0:1.51.0-5.el8_4.1", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-04-28T00:00:00Z"}, {"advisory": "RHSA-2022:7144", "cpe": "cpe:/a:redhat:jboss_core_services:1", "package": "expat", "product_name": "Red Hat JBoss Core Services 1", "release_date": "2022-10-26T00:00:00Z"}, {"advisory": "RHSA-2022:1263", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "redhat-virtualization-host-0:4.3.22-20220330.1.el7_9", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2022-04-07T00:00:00Z"}, {"advisory": "RHSA-2022:1053", "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "package": "redhat-virtualization-host-0:4.4.10-202203211649_8.5", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "release_date": "2022-03-24T00:00:00Z"}], "bugzilla": {"description": "expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution", "id": "2056366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056366"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-838", "details": ["xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.", "A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences (for example, from start tag names) to the XML processing application on top of expat can lead to arbitrary code execution. This issue is dependent on how invalid UTF-8 is handled inside the XML processor."], "mitigation": {"lang": "en:us", "value": "There is no known mitigation other than restricting applications using the expat library from processing untrusted XML content. Please update the affected packages as soon as possible."}, "name": "CVE-2022-25235", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "firefox:flatpak/firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "expat", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "xmlrpc-c", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2022-02-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-25235\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-25235\nhttps://blog.hartwork.org/posts/expat-2-4-5-released/"], "statement": "This flaw affects applications that leverage expat to parse untrusted XML files. Applications that only parse trusted XML files or do not process XML files at all are not affected by this flaw.", "threat_severity": "Important", "upstream_fix": "expat 2.4.5"}