Early Access — Mondoo Vulnerability Intelligence is currently in preview.

UBUNTU-CVE-2021-46143

HIGH8.1

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

Published Jan 6, 2022

Modified 6 months ago

Fix available

Details

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

Affected Packages

Ubuntu:24.04:LTSastropy

Affected versions:

5.3.2-15.3.4-26.0.0-16.0.0-1ubuntu16.0.0-1ubuntu2

Ubuntu:25.04astropy

Affected versions:

6.1.2-1ubuntu16.1.5-16.1.5-27.0.0-57.0.1-17.0.1-27.0.1-2build1

Ubuntu:22.04:LTSastropy

Affected versions:

4.2-6ubuntu15.0.1-15.0.2-1

Ubuntu:Pro:18.04:LTSastropy

Affected versions:

3.0-3

Ubuntu:Pro:20.04:LTSastropy

Affected versions:

3.2.1-1build13.2.2-1ubuntu14.0-34.0-4ubuntu1

Ubuntu:Pro:16.04:LTSayttm

Affected versions:

0.6.3-3build1

Ubuntu:Pro:16.04:LTScableswig

Affected versions:

0.1.0+git20150808-10.1.0+git20150808-2

Ubuntu:Pro:16.04:LTScadaver

Affected versions:

0.23.3-2ubuntu2

Ubuntu:Pro:18.04:LTScadaver

Affected versions:

0.23.3-2ubuntu3

Ubuntu:22.04:LTScadaver

Affected versions:

0.23.3-2.1build1

Ubuntu:25.04cadaver

Affected versions:

0.24+dfsg-40.26+dfsg-2

Ubuntu:24.04:LTScadaver

Affected versions:

0.24+dfsg-20.24+dfsg-30.24+dfsg-3build10.24+dfsg-3build2

Ubuntu:Pro:20.04:LTScadaver

Affected versions:

0.23.3-2.1build1

Ubuntu:Pro:20.04:LTScoda

Affected versions:

2.21-12.21-1build12.21-22.21-32.21-3build1

Ubuntu:22.04:LTScoda

Affected versions:

2.22.1-12.22.1-1build12.22.2-1build12.23-12.23.1-1

Ubuntu:24.04:LTScoda

Affected versions:

2.24.2-12.25-12.25.1-12.25.1-1build12.25.1-1build2

Ubuntu:25.04coda

Affected versions:

2.25.2-22.25.3-22.25.3-32.25.3-3build12.25.4-1

Ubuntu:Pro:18.04:LTScoin3

Affected versions:

3.1.4~abc9f50+dfsg1-23.1.4~abc9f50+dfsg2-13.1.4~abc9f50+dfsg3-13.1.4~abc9f50+dfsg3-2

Ubuntu:Pro:14.04:LTScoin3

Affected versions:

3.1.4~abc9f50-33.1.4~abc9f50-43.1.4~abc9f50-4ubuntu23.1.4~abc9f50-4ubuntu2+esm1

Ubuntu:Pro:16.04:LTScoin3

Affected versions:

3.1.4~abc9f50+dfsg1-13.1.4~abc9f50+dfsg1-1ubuntu0.1~esm1

Ubuntu:25.04emboss

Affected versions:

6.6.0+dfsg-12ubuntu26.6.0+dfsg-15ubuntu2

Ubuntu:22.04:LTSemboss

Affected versions:

6.6.0+dfsg-10ubuntu16.6.0+dfsg-11ubuntu16.6.0+dfsg-9ubuntu1

Ubuntu:24.04:LTSemboss

Affected versions:

6.6.0+dfsg-12ubuntu16.6.0+dfsg-12ubuntu2

Ubuntu:Pro:16.04:LTSemboss

Affected versions:

6.6.0+dfsg-16.6.0+dfsg-36.6.0+dfsg-3build1

Ubuntu:Pro:18.04:LTSemboss

Affected versions:

6.6.0+dfsg-66.6.0+dfsg-6build1

Ubuntu:Pro:20.04:LTSemboss

Affected versions:

6.6.0+dfsg-7ubuntu2

Ubuntu:20.04:LTSexpat

Affected versions:

2.2.7-22.2.9-12.2.9-1build1

Fixed in:

2.2.9-1ubuntu0.2

Ubuntu:14.04:LTSexpat

Affected versions:

2.1.0-42.1.0-4ubuntu12.1.0-4ubuntu1.12.1.0-4ubuntu1.22.1.0-4ubuntu1.32.1.0-4ubuntu1.42.1.0-4ubuntu1.4+esm2

Ubuntu:22.04:LTSexpat

Affected versions:

2.4.1-22.4.1-32.4.2-1

Fixed in:

2.4.3-1

Ubuntu:16.04:LTSexpat

Affected versions:

2.1.0-72.1.0-7ubuntu0.16.04.12.1.0-7ubuntu0.16.04.22.1.0-7ubuntu0.16.04.32.1.0-7ubuntu0.16.04.42.1.0-7ubuntu0.16.04.5

Ubuntu:18.04:LTSexpat

Affected versions:

2.2.3-12.2.3-22.2.5-0ubuntu22.2.5-32.2.5-3ubuntu0.12.2.5-3ubuntu0.2

Fixed in:

2.2.5-3ubuntu0.4

Ubuntu:Pro:14.04:LTSexpat

Affected versions:

2.1.0-42.1.0-4ubuntu12.1.0-4ubuntu1.12.1.0-4ubuntu1.22.1.0-4ubuntu1.32.1.0-4ubuntu1.42.1.0-4ubuntu1.4+esm2

Fixed in:

2.1.0-4ubuntu1.4+esm4

Ubuntu:Pro:16.04:LTSexpat

Affected versions:

2.1.0-72.1.0-7ubuntu0.16.04.12.1.0-7ubuntu0.16.04.22.1.0-7ubuntu0.16.04.32.1.0-7ubuntu0.16.04.42.1.0-7ubuntu0.16.04.5

Fixed in:

2.1.0-7ubuntu0.16.04.5+esm2

Ubuntu:22.04:LTSfirefox

Affected versions:

93.0+build1-0ubuntu394.0+build3-0ubuntu194.0.2+build1-0ubuntu194.0.2+build2-0ubuntu195.0+build1-0ubuntu195.0.1+build2-0ubuntu195.0.2+build1-0ubuntu196.0+build2-0ubuntu196.0.1+build1-0ubuntu196.0.2+build1-0ubuntu1+4 more

Fixed in:

1:1snap1-0ubuntu1

Ubuntu:20.04:LTSfirefox

Affected versions:

69.0.3+build1-0ubuntu170.0+build2-0ubuntu170.0+build2-0ubuntu270.0.1+build1-0ubuntu271.0+build2-0ubuntu271.0+build5-0ubuntu172.0.1+build1-0ubuntu172.0.2+build1-0ubuntu173.0+build1-0ubuntu173.0+build2-0ubuntu1+47 more

Fixed in:

98.0+build3-0ubuntu0.20.04.2

Ubuntu:18.04:LTSfirefox

Affected versions:

56.0+build6-0ubuntu157.0.1+build2-0ubuntu159.0.1+build1-0ubuntu159.0.2+build1-0ubuntu160.0+build2-0ubuntu160.0.1+build2-0ubuntu0.18.04.160.0.2+build1-0ubuntu0.18.04.161.0+build3-0ubuntu0.18.04.161.0.1+build1-0ubuntu0.18.04.162.0+build2-0ubuntu0.18.04.3+75 more

Fixed in:

98.0+build3-0ubuntu0.18.04.2

Ubuntu:25.04harp

Affected versions:

1.23-11.24-11.24-21.24-2build1

Ubuntu:22.04:LTSharp

Affected versions:

1.13-11.14-1

Ubuntu:Pro:20.04:LTSharp

Affected versions:

1.8-11.9-11.9.1-11.9.2-11.9.2-1build1

Ubuntu:24.04:LTSharp

Affected versions:

1.19-11.20.1-11.20.1-21.20.2-11.20.2-1build11.20.2-1build2

Ubuntu:Pro:18.04:LTSibm-3270

Affected versions:

3.3.14ga11-1build13.6ga4-13.6ga4-1build13.6ga4-23.6ga4-3

Ubuntu:22.04:LTSibm-3270

Affected versions:

4.0ga12-34.0ga14-14.0ga14-1build14.1ga10-14.1ga10-1.1

Ubuntu:25.04ibm-3270

Affected versions:

4.1ga10-1.1build24.3ga10-34.3ga10-4

Ubuntu:Pro:20.04:LTSibm-3270

Affected versions:

3.6ga4-3build1

Ubuntu:Pro:16.04:LTSibm-3270

Affected versions:

3.3.14ga11-13.3.14ga11-1build1

Ubuntu:24.04:LTSibm-3270

Affected versions:

4.1ga10-1.14.1ga10-1.1build14.1ga10-1.1build2

Ubuntu:Pro:16.04:LTSinsighttoolkit

Affected versions:

3.20.1+git20120521-63.20.1+git20120521-6build1

Ubuntu:Pro:16.04:LTSinsighttoolkit4

Affected versions:

4.8.1-1ubuntu34.8.1-1ubuntu44.8.2-3.1ubuntu14.9.0-3ubuntu24.9.0-4ubuntu14.9.0-4ubuntu1.1

Ubuntu:24.04:LTSinsighttoolkit5

Affected versions:

5.3.0-65.3.0-6build15.3.0-6build25.3.0-75.3.0-7build15.3.0-7build35.3.0-7build4

Ubuntu:22.04:LTSinsighttoolkit5

Affected versions:

5.2.1-15.2.1-25.2.1-3

Ubuntu:25.04insighttoolkit5

Affected versions:

5.3.0-7build55.3.0-7build65.4.0-2

Ubuntu:Pro:20.04:LTSlibsynthesis

Affected versions:

3.4.0.47.5+syncevolution-1.5.3-13.4.0.47.5+syncevolution-1.5.3-1build1

Ubuntu:24.04:LTSlibsynthesis

Affected versions:

3.4.0.47.5+syncevolution-1.5.3-1.13.4.0.47.5+syncevolution-1.5.3-1.23.4.0.47.5+syncevolution-1.5.3-1.2build1

Ubuntu:22.04:LTSlibsynthesis

Affected versions:

3.4.0.47.5+syncevolution-1.5.3-1.13.4.0.47.5+syncevolution-1.5.3-1build1

Ubuntu:Pro:16.04:LTSlibsynthesis

Affected versions:

3.4.0.47.5-0ubuntu3~gcc5.2

Ubuntu:Pro:18.04:LTSlibsynthesis

Affected versions:

3.4.0.47.5+syncevolution-1.5.2-13.4.0.47.5+syncevolution-1.5.2-33.4.0.47.5+syncevolution-1.5.3-1

Ubuntu:Pro:20.04:LTSlibxmltok

Affected versions:

1.2-41.2-4ubuntu0.20.04.1~esm11.2-4ubuntu0.20.04.1~esm21.2-4ubuntu0.20.04.1~esm3

Fixed in:

1.2-4ubuntu0.20.04.1~esm4

Ubuntu:24.04:LTSlibxmltok

Affected versions:

1.2-4.1ubuntu11.2-4.1ubuntu21.2-4ubuntu1

Ubuntu:22.04:LTSlibxmltok

Affected versions:

1.2-4

Ubuntu:Pro:22.04:LTSlibxmltok

Affected versions:

1.2-41.2-4ubuntu0.22.04.1~esm11.2-4ubuntu0.22.04.1~esm21.2-4ubuntu0.22.04.1~esm3

Fixed in:

1.2-4ubuntu0.22.04.1~esm4

Ubuntu:Pro:24.04:LTSlibxmltok

Affected versions:

1.2-4.1ubuntu11.2-4.1ubuntu21.2-4.1ubuntu2.24.0.4.1+esm11.2-4ubuntu1

Fixed in:

1.2-4.1ubuntu2.24.0.4.1+esm2

Ubuntu:Pro:16.04:LTSlibxmltok

Affected versions:

1.2-3build3

Fixed in:

1.2-3ubuntu0.16.04.1~esm1

Ubuntu:Pro:18.04:LTSlibxmltok

Affected versions:

1.2-41.2-4ubuntu0.18.04.1~esm11.2-4ubuntu0.18.04.1~esm21.2-4ubuntu0.18.04.1~esm3

Fixed in:

1.2-4ubuntu0.18.04.1~esm4

Ubuntu:25.04libxmltok

Affected versions:

1.2-4.1ubuntu31.2-4.1ubuntu4

Ubuntu:Pro:20.04:LTSmame

Affected versions:

0.206+dfsg.1-10.214+dfsg.1-20.215+dfsg.1-10.217+dfsg.1-10.217+dfsg.1-1build10.218+dfsg.1-10.220+dfsg.1-1

Ubuntu:22.04:LTSmame

Affected versions:

0.235+dfsg.1-1ubuntu10.237+dfsg.1-10.238+dfsg.1-10.239+dfsg.1-10.240+dfsg.1-10.242+dfsg.1-1

Ubuntu:Pro:16.04:LTSmame

Affected versions:

0.160-0ubuntu1

Ubuntu:Pro:18.04:LTSmame

Affected versions:

0.188+dfsg.1-0ubuntu20.189+dfsg.1-10.192+dfsg.1-0ubuntu10.195+dfsg.1-2

Ubuntu:25.04mame

Affected versions:

0.269+dfsg.1-10.270+dfsg.1-10.272+dfsg.1-10.273+dfsg.1-10.274+dfsg.1-20.275+dfsg.1-3

Ubuntu:24.04:LTSmame

Affected versions:

0.257+dfsg.1-10.258+dfsg.1-1build10.261+dfsg.1-10.261+dfsg.1-1build20.261+dfsg.1-1build30.264+dfsg.1-1

Ubuntu:22.04:LTSmatanza

Affected versions:

0.13+ds2-1

Ubuntu:24.04:LTSmatanza

Affected versions:

0.13+ds2-10.13+ds2-1build10.13+ds2-1build2

Ubuntu:Pro:16.04:LTSmatanza

Affected versions:

0.13+ds1-5

Ubuntu:25.04matanza

Affected versions:

0.13+ds2-1build20.13+ds2-2

Ubuntu:Pro:20.04:LTSmatanza

Affected versions:

0.13+ds1-60.13+ds2-1

Ubuntu:Pro:18.04:LTSmatanza

Affected versions:

0.13+ds1-5build10.13+ds1-6

Ubuntu:Pro:18.04:LTSopencollada

Affected versions:

0.1.0~20160714.0ec5063+dfsg1-2

Ubuntu:Pro:16.04:LTSopencollada

Affected versions:

0.1.0~20140703.ddf8f47+dfsg1-2

Ubuntu:24.04:LTSopencollada

Affected versions:

0.1.0~20180719.619d942+dfsg0-2build1

Ubuntu:Pro:20.04:LTSopencollada

Affected versions:

0.1.0~20180719.619d942+dfsg0-20.1.0~20180719.619d942+dfsg0-2build1

Ubuntu:22.04:LTSopencollada

Affected versions:

0.1.0~20180719.619d942+dfsg0-2build1

Ubuntu:Pro:18.04:LTSparaview

Affected versions:

5.1.2+dfsg1-25.1.2+dfsg1-2build15.4.1+dfsg3-1

Ubuntu:24.04:LTSparaview

Affected versions:

5.11.0+dfsg-25.11.0+dfsg-2build15.11.2+dfsg-45.11.2+dfsg-65.11.2+dfsg-6build15.11.2+dfsg-6build45.11.2+dfsg-6build5

Ubuntu:25.04paraview

Affected versions:

5.12.1+dfsg-45.13.2+dfsg-2ubuntu1

Ubuntu:Pro:16.04:LTSparaview

Affected versions:

4.1.0+dfsg+1-2build14.1.0+dfsg+1-35.0.0+dfsg1-2build15.0.0+dfsg1-2build25.0.1+dfsg1-35.0.1+dfsg1-4

Ubuntu:Pro:20.04:LTSparaview

Affected versions:

5.4.1+dfsg4-45.7.0-4ubuntu85.7.0-4ubuntu9

Ubuntu:22.04:LTSparaview

Affected versions:

5.10.0~rc1-1build35.9.0-2ubuntu1

Ubuntu:Pro:16.04:LTSpoco

Affected versions:

1.3.6p1-5.11.3.6p1-5.1build11.3.6p1-5.1ubuntu0.1

Ubuntu:Pro:18.04:LTSpoco

Affected versions:

1.7.8+dfsg1-21.7.8+dfsg1-31.8.0.1-1ubuntu4

Ubuntu:25.04poco

Affected versions:

1.13.0-6build11.13.0-6build2

Ubuntu:24.04:LTSpoco

Affected versions:

1.11.0-31.11.0-41.11.0-4.11.11.0-4.1build11.11.0-4.1build2

Ubuntu:Pro:14.04:LTSpoco

Affected versions:

1.3.6p1-41.3.6p1-4+deb7u1build1

Ubuntu:Pro:20.04:LTSpoco

Affected versions:

1.9.2-3ubuntu21.9.2-3ubuntu3

Ubuntu:22.04:LTSpoco

Affected versions:

1.10.0-61.11.0-3

Ubuntu:22.04:LTSqtwebengine-opensource-src

Affected versions:

5.15.6+dfsg-15.15.6+dfsg-25.15.7+dfsg-25.15.8+dfsg-15.15.8+dfsg-1build15.15.8+dfsg-1build25.15.8+dfsg-25.15.9+dfsg-1

Ubuntu:Pro:20.04:LTSqtwebengine-opensource-src

Affected versions:

5.12.4+dfsg-1ubuntu15.12.4+dfsg-1ubuntu35.12.5+dfsg-3ubuntu15.12.5+dfsg-6ubuntu25.12.5+dfsg-75.12.5+dfsg-7build15.12.8+dfsg-0ubuntu15.12.8+dfsg-0ubuntu1.1

Ubuntu:25.04qtwebengine-opensource-src

Affected versions:

5.15.17+dfsg-45.15.17+dfsg-55.15.17+dfsg2-15.15.17+dfsg2-25.15.17+dfsg2-35.15.18+dfsg-15.15.18+dfsg-2

Ubuntu:24.04:LTSqtwebengine-opensource-src

Affected versions:

5.15.15+dfsg-25.15.15+dfsg-2build25.15.15+dfsg-2ubuntu15.15.16+dfsg-15.15.16+dfsg-1ubuntu25.15.16+dfsg-1ubuntu45.15.16+dfsg-3

Ubuntu:Pro:18.04:LTSqtwebengine-opensource-src

Affected versions:

5.9.1+dfsg-45.9.1+dfsg-4ubuntu15.9.2+dfsg-2ubuntu15.9.3+dfsg-0ubuntu15.9.4+dfsg-0ubuntu15.9.5+dfsg-0ubuntu2

Ubuntu:Pro:18.04:LTSsitecopy

Affected versions:

1:0.16.6-71:0.16.6-7build1

Ubuntu:25.04sitecopy

Affected versions:

1:0.16.6-131:0.16.6-141:0.16.6-151:0.16.6-16

Ubuntu:Pro:20.04:LTSsitecopy

Affected versions:

1:0.16.6-7build1

Ubuntu:Pro:16.04:LTSsitecopy

Affected versions:

1:0.16.6-7

Ubuntu:22.04:LTSsitecopy

Affected versions:

1:0.16.6-101:0.16.6-9build1

Ubuntu:Pro:18.04:LTSswish-e

Affected versions:

2.4.7-5ubuntu1

Ubuntu:24.04:LTSswish-e

Affected versions:

2.4.7-6.22.4.7-6.2build12.4.7-6.2build22.4.7-6.2build3

Ubuntu:22.04:LTSswish-e

Affected versions:

2.4.7-6.12.4.7-6.1build12.4.7-6build3

Ubuntu:25.04swish-e

Affected versions:

2.4.7-6.2build32.4.7-6.2build42.4.7-6.3

Ubuntu:Pro:20.04:LTSswish-e

Affected versions:

2.4.7-6build12.4.7-6build2

Ubuntu:Pro:16.04:LTSswish-e

Affected versions:

2.4.7-42.4.7-4build1

Ubuntu:24.04:LTStdom

Affected versions:

0.9.3-10.9.3-1build1

Ubuntu:Pro:20.04:LTStdom

Affected versions:

0.9.1-1

Ubuntu:Pro:16.04:LTStdom

Affected versions:

0.8.3-1

Ubuntu:25.04tdom

Affected versions:

0.9.4-10.9.5-10.9.5-1.10.9.5-1.1build10.9.5.1-2

Ubuntu:Pro:18.04:LTStdom

Affected versions:

0.8.3-10.9.0-1

Ubuntu:22.04:LTStdom

Affected versions:

0.9.2-1

Ubuntu:22.04:LTStla

Affected versions:

1.3.5+dfsg1-2build1

Ubuntu:24.04:LTStla

Affected versions:

1.3.5+dfsg1-2.11.3.5+dfsg1-3

Ubuntu:Pro:18.04:LTStla

Affected versions:

1.3.5+dfsg1-21.3.5+dfsg1-2build1

Ubuntu:Pro:20.04:LTStla

Affected versions:

1.3.5+dfsg1-2build1

Ubuntu:Pro:16.04:LTStla

Affected versions:

1.3.5+dfsg1-11.3.5+dfsg1-2

Ubuntu:25.04tla

Affected versions:

1.3.5+dfsg2-1

Ubuntu:24.04:LTSvisp

Affected versions:

3.5.0-43.6.0-23.6.0-2.1build23.6.0-2.1build3

Ubuntu:22.04:LTSvisp

Affected versions:

3.4.0-43.4.0-53.4.0-63.5.0-13.5.0-2

Ubuntu:Pro:18.04:LTSvisp

Affected versions:

3.0.1-2ubuntu23.0.1-2ubuntu43.1.0-2

Ubuntu:Pro:16.04:LTSvisp

Affected versions:

2.10.0+dfsg-12.10.0+dfsg-1build12.10.0+dfsg-1build22.10.0+dfsg-22.10.0-4build33.0.0-4

Ubuntu:25.04visp

Affected versions:

3.6.0-2.1build43.6.0-2.1build53.6.0-5

Ubuntu:Pro:18.04:LTSvnc4

Affected versions:

4.1.1+xorg4.3.0-37.3ubuntu2

Ubuntu:Pro:16.04:LTSvnc4

Affected versions:

4.1.1+xorg4.3.0-37.3ubuntu24.1.1+xorg4.3.0-37.3ubuntu2.1+esm1

Ubuntu:Pro:14.04:LTSvnc4

Affected versions:

4.1.1+xorg4.3.0-37ubuntu54.1.1+xorg4.3.0-37ubuntu5.0.14.1.1+xorg4.3.0-37ubuntu5.0.24.1.1+xorg4.3.0-37ubuntu5.0.2+esm1

Ubuntu:Pro:14.04:LTSvtk

Affected versions:

5.8.0-14.1ubuntu25.8.0-14.1ubuntu35.8.0-14.1ubuntu3+esm15.8.0-14ubuntu15.8.0-14ubuntu3

Ubuntu:Pro:16.04:LTSvtk

Affected versions:

5.10.1+dfsg-25.10.1+dfsg-2.1build15.10.1+dfsg-2.1ubuntu0.1~esm15.10.1+dfsg-2build3

Ubuntu:Pro:18.04:LTSwbxml2

Affected versions:

0.10.7-10.10.7-1build1

Ubuntu:Pro:16.04:LTSwbxml2

Affected versions:

0.10.7-1

Ubuntu:25.04wbxml2

Affected versions:

0.11.10+dfsg-10.11.10+dfsg-2

Ubuntu:22.04:LTSwbxml2

Affected versions:

0.10.7-1build10.11.7+dfsg-1

Ubuntu:24.04:LTSwbxml2

Affected versions:

0.11.8+dfsg-30.11.8+dfsg-3build1

Ubuntu:Pro:20.04:LTSwbxml2

Affected versions:

0.10.7-1build1

Ubuntu:Pro:20.04:LTSxmlrpc-c

Affected versions:

1.33.14-8build11.33.14-8build2

Ubuntu:Pro:18.04:LTSxmlrpc-c

Affected versions:

1.33.14-71.33.14-81.33.14-8build1

Ubuntu:Pro:14.04:LTSxmlrpc-c

Affected versions:

1.16.33-3.2ubuntu31.33.06-0ubuntu1

Ubuntu:24.04:LTSxmlrpc-c

Affected versions:

1.33.14-111.33.14-11.11.33.14-121.33.14-12build11.33.14-12build2

Ubuntu:Pro:16.04:LTSxmlrpc-c

Affected versions:

1.33.14-0.2ubuntu31.33.14-1ubuntu1

Ubuntu:25.04xmlrpc-c

Affected versions:

1.59.03-41.59.03-51.59.03-61.59.03-7

Ubuntu:22.04:LTSxmlrpc-c

Affected versions:

1.33.14-101.33.14-9

Ubuntu:Pro:18.04:LTSxsd

Affected versions:

4.0.0-64.0.0-74.0.0-7build1

Ubuntu:24.04:LTSxsd

Affected versions:

4.0.0-94.0.0-9build14.0.0-9build2

Ubuntu:Pro:20.04:LTSxsd

Affected versions:

4.0.0-84.0.0-8build1

Ubuntu:Pro:16.04:LTSxsd

Affected versions:

4.0.0-24.0.0-34.0.0-4

Ubuntu:25.04xsd

Affected versions:

4.0.0-9build2

Ubuntu:22.04:LTSxsd

Affected versions:

4.0.0-8.14.0.0-9

References

REPORThttps://github.com/libexpat/libexpat/issues/532 REPORThttps://github.com/libexpat/libexpat/pull/538 REPORThttps://ubuntu.com/security/CVE-2021-46143 ADVISORYhttps://ubuntu.com/security/notices/USN-5288-1 ADVISORYhttps://ubuntu.com/security/notices/USN-5455-1 ADVISORYhttps://ubuntu.com/security/notices/USN-7199-1 REPORThttps://www.cve.org/CVERecord?id=CVE-2021-46143

CVSS Analysis

CVSS v3.1

8.1

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

RequiredUI:R

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Upstream

CVE-2021-46143

USN-5288-1 USN-5455-1 USN-7199-1

Ecosystems

Ubuntu 24.04 LTS Ubuntu 25.04 Ubuntu 22.04 LTS Ubuntu Pro 18.04 LTS Ubuntu Pro 20.04 LTS Ubuntu Pro 16.04 LTS Ubuntu Pro 14.04 LTS Ubuntu 20.04 LTS Ubuntu 14.04 LTS Ubuntu 16.04 LTS Ubuntu 18.04 LTS Ubuntu Pro 22.04 LTS Ubuntu Pro 24.04 LTS

Timeline

PublishedJan 6, 2022

ModifiedJul 14, 2025

UBUNTU-CVE-2021-46143 | Mondoo Vulnerability Intelligence

UBUNTU-CVE-2021-46143

Details

Affected Packages

References

CVSS Analysis

Upstream

Related

Ecosystems

Timeline