K51011533: Expat XML parser vulnerability CVE-2018-20843

🗓️ 21 Feb 2023 18:53:50Reported by f5Type

f5🔗 my.f5.com👁 61 Views

Expat XML parser vulnerability CVE-2018-20843. XML input containing large number of colons can cause RAM and CPU resource exhaustion

Reporter	Title	Published	Views	Family All 202
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM HTTP Server, a component of IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Network Manager (CVE-2018-20843)	25 Mar 202011:36	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Tivoli Monitoring embedded WebSphere Application and IHS server	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM HTTP Server, a component of IBM WebSphere Application Server, which is required product for IBM Tivoli Netcool Configuration Manager (CVE-2018-20843)	24 Aug 202013:03	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM HTTP Server, a component of IBM WebSphere Application Server, which is shipped with, or a required product for, IBM Tivoli Netcool Configuration Manager (CVE-2018-20843)	25 Mar 202011:34	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in WebSphere Application Server bundled with Cloud Pak System and supporting products	6 May 202011:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security SiteProtector System is affected by Apache HTTP Server vulnerabilities	27 Feb 202010:34	–	ibm
IBM Security Bulletins	Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-za	25 Jul 201915:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM HTTP Server used by WebSphere Application Server	18 Sep 201918:52	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Appliance is affected by libexpat vulnerabilities (CVE-2018-20843, CVE-2019-15903)	3 Mar 202116:02	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition is affected by HTTP Server vulnerability (CVE-2018-20843)	24 Oct 201912:14	–	ibm

Vulners

Node

f5 big-ip_aamRange<17.0.0

f5 big-ip_afmRange<17.0.0

f5 big-ip_analyticsRange<17.0.0

f5 big-ip_apmRange<17.0.0

f5 big-ip_asmRange<17.0.0

f5 big-ip_dnsRange<17.0.0

f5 big-ip_fpsRange<17.0.0

f5 big-ip_gtmRange<17.0.0

f5 big-ip_link_controllerRange<17.0.0

f5 big-ip_ltmRange<17.0.0

f5 big-ip_pemRange<17.0.0

f5 big-ip_aamRange16.0.0–16.0.1

f5 big-ip_afmRange16.0.0–16.0.1

f5 big-ip_analyticsRange16.0.0–16.0.1

f5 big-ip_apmRange16.0.0–16.0.1

f5 big-ip_asmRange16.0.0–16.0.1

f5 big-ip_dnsRange16.0.0–16.0.1

f5 big-ip_fpsRange16.0.0–16.0.1

f5 big-ip_gtmRange16.0.0–16.0.1

f5 big-ip_link_controllerRange16.0.0–16.0.1

f5 big-ip_ltmRange16.0.0–16.0.1

f5 big-ip_pemRange16.0.0–16.0.1

f5 big-ip_aamRange15.1.0–15.1.2

f5 big-ip_afmRange15.1.0–15.1.2

f5 big-ip_analyticsRange15.1.0–15.1.2

f5 big-ip_apmRange15.1.0–15.1.2

f5 big-ip_asmRange15.1.0–15.1.2

f5 big-ip_dnsRange15.1.0–15.1.2

f5 big-ip_fpsRange15.1.0–15.1.2

f5 big-ip_gtmRange15.1.0–15.1.2

f5 big-ip_link_controllerRange15.1.0–15.1.2

f5 big-ip_ltmRange15.1.0–15.1.2

f5 big-ip_pemRange15.1.0–15.1.2

f5 big-ip_aamRange14.0.0–14.1.4

f5 big-ip_afmRange14.0.0–14.1.4

f5 big-ip_analyticsRange14.0.0–14.1.4

f5 big-ip_apmRange14.0.0–14.1.4

f5 big-ip_asmRange14.0.0–14.1.4

f5 big-ip_dnsRange14.0.0–14.1.4

f5 big-ip_fpsRange14.0.0–14.1.4

f5 big-ip_gtmRange14.0.0–14.1.4

f5 big-ip_link_controllerRange14.0.0–14.1.4

f5 big-ip_ltmRange14.0.0–14.1.4

f5 big-ip_pemRange14.0.0–14.1.4

f5 big-ip_aamRange13.1.0–13.1.4

f5 big-ip_afmRange13.1.0–13.1.4

f5 big-ip_analyticsRange13.1.0–13.1.4

f5 big-ip_apmRange13.1.0–13.1.4

f5 big-ip_asmRange13.1.0–13.1.4

f5 big-ip_dnsRange13.1.0–13.1.4

f5 big-ip_fpsRange13.1.0–13.1.4

f5 big-ip_gtmRange13.1.0–13.1.4

f5 big-ip_link_controllerRange13.1.0–13.1.4

f5 big-ip_ltmRange13.1.0–13.1.4

f5 big-ip_pemRange13.1.0–13.1.4

f5 big-ip_aamRange12.1.0–12.1.6

f5 big-ip_afmRange12.1.0–12.1.6

f5 big-ip_analyticsRange12.1.0–12.1.6

f5 big-ip_apmRange12.1.0–12.1.6

f5 big-ip_asmRange12.1.0–12.1.6

f5 big-ip_dnsRange12.1.0–12.1.6

f5 big-ip_fpsRange12.1.0–12.1.6

f5 big-ip_gtmRange12.1.0–12.1.6

f5 big-ip_link_controllerRange12.1.0–12.1.6

f5 big-ip_ltmRange12.1.0–12.1.6

f5 big-ip_pemRange12.1.0–12.1.6

f5 big-ip_aamRange11.5.2–11.6.5

f5 big-ip_afmRange11.5.2–11.6.5

f5 big-ip_analyticsRange11.5.2–11.6.5

f5 big-ip_apmRange11.5.2–11.6.5

f5 big-ip_asmRange11.5.2–11.6.5

f5 big-ip_dnsRange11.5.2–11.6.5

f5 big-ip_fpsRange11.5.2–11.6.5

f5 big-ip_gtmRange11.5.2–11.6.5

f5 big-ip_link_controllerRange11.5.2–11.6.5

f5 big-ip_ltmRange11.5.2–11.6.5

f5 big-ip_pemRange11.5.2–11.6.5

f5 big-ip_aamRange<17.0.0

f5 big-ip_afmRange<17.0.0

f5 big-ip_analyticsRange<17.0.0

f5 big-ip_apmRange<17.0.0

f5 big-ip_asmRange<17.0.0

f5 big-ip_dnsRange<17.0.0

f5 big-ip_fpsRange<17.0.0

f5 big-ip_gtmRange<17.0.0

f5 big-ip_link_controllerRange<17.0.0

f5 big-ip_ltmRange<17.0.0

f5 big-ip_pemRange<17.0.0

f5 big-ip_aamRange16.0.0–16.1.1

f5 big-ip_afmRange16.0.0–16.1.1

f5 big-ip_analyticsRange16.0.0–16.1.1

f5 big-ip_apmRange16.0.0–16.1.1

f5 big-ip_asmRange16.0.0–16.1.1

f5 big-ip_dnsRange16.0.0–16.1.1

f5 big-ip_fpsRange16.0.0–16.1.1

f5 big-ip_gtmRange16.0.0–16.1.1

f5 big-ip_link_controllerRange16.0.0–16.1.1

f5 big-ip_ltmRange16.0.0–16.1.1

f5 big-ip_pemRange16.0.0–16.1.1

f5 big-ip_aamRange15.1.0–15.1.3

f5 big-ip_afmRange15.1.0–15.1.3

f5 big-ip_analyticsRange15.1.0–15.1.3

f5 big-ip_apmRange15.1.0–15.1.3

f5 big-ip_asmRange15.1.0–15.1.3

f5 big-ip_dnsRange15.1.0–15.1.3

f5 big-ip_fpsRange15.1.0–15.1.3

f5 big-ip_gtmRange15.1.0–15.1.3

f5 big-ip_link_controllerRange15.1.0–15.1.3

f5 big-ip_ltmRange15.1.0–15.1.3

f5 big-ip_pemRange15.1.0–15.1.3