CVE-2022-23990

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-23990

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-23990.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-23990

Aliases

A-221256678
ASB-A-221256678

Downstream

ALPINE-CVE-2022-23990

BELL-CVE-2022-23990

CLEANSTART-2026-MH09144

CLEANSTART-2026-YT18139

DEBIAN-CVE-2022-23990

DLA-2904-1

DSA-5073-1

JLSEC-2025-51

OESA-2022-1511

RHBA-2022:4046

RHSA-2022:7811

RHSA-2025:21776

RHSA-2025:22607

RHSA-2025:22785

RHSA-2025:22842

RHSA-2025:22871

SUSE-SU-2022:0495-1

SUSE-SU-2022:0498-1

SUSE-SU-2022:14884-1

UBUNTU-CVE-2022-23990

USN-5288-1

openSUSE-SU-2022:0498-1

openSUSE-SU-2024:11793-1

Related

Published

2022-01-26T19:15:08.517Z

Modified

2026-02-24T11:42:23.913583Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

References

Affected packages

Git / github.com/wordpress/wordpress-develop

Affected ranges

Type: GIT
Repo: https://github.com/wordpress/wordpress-develop
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2b9b722d75266ba8921d199ff0ce92fd07abba6f

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-23990.json"