{
  "threat_severity" : "Moderate",
  "public_date" : "2022-01-26T00:00:00Z",
  "bugzilla" : {
    "description" : "expat: integer overflow in the doProlog function",
    "id" : "2048356",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2048356"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-190",
  "details" : [ "Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.", "A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when an element declaration handler is present, which leads to an integer overflow. This flaw allows an attacker to trigger an unsigned integer overflow, leading to a crash or a denial of service." ],
  "statement" : "Red Hat Product Security marked this flaw as Moderate Impact because the flaw is present in the program’s source code, but no current exploitation vectors, nor any theoretically possible but unproven ones, exist or were found during the technical analysis of the flaw.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2022-11-08T00:00:00Z",
    "advisory" : "RHSA-2022:7811",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8::crb",
    "package" : "mingw-expat-0:2.4.8-1.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-11-19T00:00:00Z",
    "advisory" : "RHSA-2025:21776",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "expat-0:2.5.0-1.el8_10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support",
    "release_date" : "2025-12-09T00:00:00Z",
    "advisory" : "RHSA-2025:22871",
    "cpe" : "cpe:/o:redhat:rhel_aus:8.2",
    "package" : "expat-0:2.2.10-1.el8_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
    "release_date" : "2025-12-04T00:00:00Z",
    "advisory" : "RHSA-2025:22785",
    "cpe" : "cpe:/o:redhat:rhel_aus:8.4",
    "package" : "expat-0:2.2.10-1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
    "release_date" : "2025-12-04T00:00:00Z",
    "advisory" : "RHSA-2025:22785",
    "cpe" : "cpe:/o:redhat:rhel_eus_long_life:8.4",
    "package" : "expat-0:2.2.10-1.el8_4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "release_date" : "2025-12-09T00:00:00Z",
    "advisory" : "RHSA-2025:22842",
    "cpe" : "cpe:/o:redhat:rhel_aus:8.6",
    "package" : "expat-0:2.2.10-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
    "release_date" : "2025-12-09T00:00:00Z",
    "advisory" : "RHSA-2025:22842",
    "cpe" : "cpe:/o:redhat:rhel_tus:8.6",
    "package" : "expat-0:2.2.10-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
    "release_date" : "2025-12-09T00:00:00Z",
    "advisory" : "RHSA-2025:22842",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.6",
    "package" : "expat-0:2.2.10-1.el8_6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
    "release_date" : "2025-12-02T00:00:00Z",
    "advisory" : "RHSA-2025:22607",
    "cpe" : "cpe:/o:redhat:rhel_tus:8.8",
    "package" : "expat-0:2.2.10-1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
    "release_date" : "2025-12-02T00:00:00Z",
    "advisory" : "RHSA-2025:22607",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.8",
    "package" : "expat-0:2.2.10-1.el8_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-05-17T00:00:00Z",
    "advisory" : "RHBA-2022:4046",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "expat-0:2.2.10-12.el9_0"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-05-17T00:00:00Z",
    "advisory" : "RHBA-2022:4046",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "expat-0:2.2.10-12.el9_0"
  }, {
    "product_name" : "Text-Only JBCS",
    "release_date" : "2022-10-26T00:00:00Z",
    "advisory" : "RHSA-2022:7144",
    "cpe" : "cpe:/a:redhat:jboss_core_services:1",
    "package" : "expat"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "compat-expat1",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "expat",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "expat",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "firefox:flatpak/firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "thunderbird:flatpak/thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "xmlrpc-c",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "firefox:flatpak/firefox",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Not affected",
    "package_name" : "thunderbird:flatpak/thunderbird",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-23990\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-23990" ],
  "name" : "CVE-2022-23990",
  "csaw" : false
}