Multiple vulnerabilities in libexpat (CVE-2022-22827, CVE-2022-22826, CVE-2022-22825, CVE-2022-22824, CVE-2022-22823, CVE-2022-22822, CVE-2021-46143, CVE-2021-45960)
Multiple CVEs have been identified impacting versions of libexpat < 2.4.3, confirmed that at lest 3.15 is pulling in expat 2.4.1 and is vulnerable. All of the associated CVEs have a NIST score off high to critical
NIST Links:
- CVE-2021-45960 - https://nvd.nist.gov/vuln/detail/CVE-2021-45960
- CVE-2021-46143 - https://nvd.nist.gov/vuln/detail/CVE-2021-46143
- CVE-2022-22822 - https://nvd.nist.gov/vuln/detail/CVE-2022-22822
- CVE-2022-22823 - https://nvd.nist.gov/vuln/detail/CVE-2022-22823
- CVE-2022-22824 - https://nvd.nist.gov/vuln/detail/CVE-2022-22824
- CVE-2022-22825 - https://nvd.nist.gov/vuln/detail/CVE-2022-22825
- CVE-2022-22826 - https://nvd.nist.gov/vuln/detail/CVE-2022-22826
- CVE-2022-22827 - https://nvd.nist.gov/vuln/detail/CVE-2022-22827