expat 安全漏洞 (CVE-2022-2282)
CVE编号
CVE-2022-2282利用情况
暂无补丁情况
N/A披露时间
2022-07-01漏洞描述
** 拒绝 ** 不要使用这个候选人编号。解决建议
"将组件 salt 升级至 3004.2 及以上版本"
参考链接 |
|---|
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 系统 | alibaba_cloud_linux_2.1903 | expat-static | * | Up to (excluding) 2.1.0-14.1.al7 | |||||
| 运行在以下环境 | |||||||||
| 系统 | alma_linux_8 | expat | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_2 | expat | * | Up to (excluding) 2.1.0-14.amzn2.0.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_2022 | expat | * | Up to (excluding) 2.4.3-1.amzn2022 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_2023 | expat | * | Up to (excluding) 2.5.0-1.amzn2023.0.2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_AMI | expat | * | Up to (excluding) 2.1.0-14.31.amzn1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | anolis_os_7 | expat-devel | * | Up to (excluding) 2.1.0-14 | |||||
| 运行在以下环境 | |||||||||
| 系统 | anolis_os_8 | expat-devel | * | Up to (excluding) 2.2.5-4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | centos_7 | expat | * | Up to (excluding) 2.1.0-14.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | centos_8 | expat-debugsource | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_10 | salt | * | Up to (including) 2018.3.4+dfsg1-6+deb10u3 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_11 | salt | * | Up to (including) 3002.6+dfsg1-4+deb11u1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_9 | salt | * | Up to (including) 2016.11.2+ds-1+deb9u4 | |||||
| 运行在以下环境 | |||||||||
| 系统 | debian_sid | salt | * | Up to (including) 3004.1+dfsg-2 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10 | expat | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP1 | expat | * | Up to (excluding) 2.2.9-4.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP2 | firefox | * | Up to (excluding) 2.2.9-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_aarch64_V10SP3 | firefox | * | Up to (excluding) 2.2.9-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_loongarch64_V10SP1 | expat | * | Up to (excluding) 2.2.9-4.a.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10 | expat | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP1 | expat | * | Up to (excluding) 2.2.9-4.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP2 | firefox | * | Up to (excluding) 2.2.9-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | kylinos_x86_64_V10SP3 | firefox | * | Up to (excluding) 2.2.9-5.ky10 | |||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_15.3 | libexpat-devel-32bit | * | Up to (excluding) 2.2.5-3.9.1 | |||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_7 | oraclelinux-release | * | Up to (excluding) 2.1.0-14.0.1.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | oracle_8 | oraclelinux-release | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_7 | expat | * | Up to (excluding) 2.1.0-14.el7_9 | |||||
| 运行在以下环境 | |||||||||
| 系统 | redhat_8 | expat-debugsource | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | rocky_linux_8 | expat | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | rocky_linux_Rocky_Linux_8 | expat-debugsource | * | Up to (excluding) 1.51.0-8.el8 | |||||
| 运行在以下环境 | |||||||||
| 系统 | suse_12_SP5 | libexpat1-32bit | * | Up to (excluding) 2.1.0-21.12.1 | |||||
- 攻击路径 N/A
- 攻击复杂度 N/A
- 权限要求 N/A
- 影响范围 N/A
- 用户交互 N/A
- 可用性 N/A
- 保密性 N/A
- 完整性 N/A
| CWE-ID | 漏洞类型 |
| CWE-285 | 授权机制不恰当 |
Exp相关链接
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论