logo
DATABASE RESOURCES PRICING ABOUT US

Expat: Multiple vulnerabilities

Description

### Background Expat is a set of XML parsing libraries. ### Description Multiple vulnerabilities have been discovered in Expat. Please review the CVE identifiers referenced below for details. ### Impact A remote attacker, by enticing a user to process a specially crafted XML file, could execute arbitrary code with the privileges of the process or cause a Denial of Service condition. This attack could also be used against automated systems that arbitrarily process XML files. ### Workaround There is no known workaround at this time. ### Resolution All Expat users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/expat-2.2.0-r1"


Affected Package


OS OS Version Package Name Package Version
Gentoo any dev-libs/expat 2.2.0-r1

Related