CLSA-2023-1696877712

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos7els/CLSA-2023-1696877712.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2023-1696877712

Upstream

CVE-2022-23990

CVE-2022-43680

Published

2023-10-09T18:55:16Z

Modified

2026-05-29T01:19:12.190616048Z

Summary

expat: Fix of 2 CVEs

Details

CVE-2022-23990: lib: prevent integer overflow in function doProlog
CVE-2022-43680: fix overeager DTD destruction in XML_ExternalEntityParserCreate

References

https://errata.cloudlinux.com/centos7-els/CLSA-2023-1696877712.html

Affected packages