Lucene search
UbuntuUSN-6694-1HistoryMar 14, 2024 - 12:00 a.m.
Expat vulnerabilities
2024-03-1400:00:00
ubuntu.com
78
expat vulnerabilities
xml parsing
denial of service
ubuntu 23.10
ubuntu 22.04 lts
cve-2023-52425
cve-2024-28757
resources consumption
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
38.0%
Releases
- Ubuntu 23.10
- Ubuntu 22.04 LTS
Packages
- expat - XML parsing C library
Details
It was discovered that Expat could be made to consume large amounts of
resources. If a user or automated system were tricked into processing
specially crafted input, an attacker could possibly use this issue to cause
a denial of service. (CVE-2023-52425, CVE-2024-28757)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.10 | noarch | expat | < 2.5.0-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | expat-dbgsym | < 2.5.0-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libexpat1 | < 2.5.0-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libexpat1-dbgsym | < 2.5.0-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | libexpat1-dev | < 2.5.0-2ubuntu0.1 | UNKNOWN |
| Ubuntu | 22.04 | noarch | expat | < 2.4.7-1ubuntu0.3 | UNKNOWN |
| Ubuntu | 22.04 | noarch | expat-dbgsym | < 2.4.7-1ubuntu0.3 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libexpat1 | < 2.4.7-1ubuntu0.3 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libexpat1-dbgsym | < 2.4.7-1ubuntu0.3 | UNKNOWN |
| Ubuntu | 22.04 | noarch | libexpat1-dev | < 2.4.7-1ubuntu0.3 | UNKNOWN |
Related
openvas
openvas
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1881)
2024-07-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1129-1)
2024-05-07 00:00:00
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-2116)
2024-08-20 00:00:00
osv
osv
expat vulnerabilities
2024-03-14 10:19:40
Moderate: expat security update
2024-03-26 00:00:00
expat-2.6.2-1.1 on GA media
2024-06-15 00:00:00
nessus
nessus
Ubuntu 22.04 LTS / 23.10 : Expat vulnerabilities (USN-6694-1)
2024-03-14 00:00:00
EulerOS 2.0 SP10 : expat (EulerOS-SA-2024-1905)
2024-07-15 00:00:00
EulerOS Virtualization 2.12.0 : expat (EulerOS-SA-2024-2324)
2024-09-03 00:00:00
redhat
redhat
(RHSA-2024:3926) Moderate: expat security update
2024-06-13 14:14:44
(RHSA-2024:1530) Moderate: expat security update
2024-03-26 16:30:26
cloudfoundry
cloudfoundry
USN-6694-1: Expat vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
almalinux
almalinux
Moderate: expat security update
2024-03-26 00:00:00
Moderate: expat security update
2024-04-02 00:00:00
Moderate: xmlrpc-c security and bug fix update
2024-07-02 00:00:00
mageia
mageia
Updated expat packages fix security vulnerabilities
2024-03-18 19:12:23
oraclelinux
oraclelinux
expat security update
2024-03-26 00:00:00
xmlrpc-c security and bug fix update
2024-07-02 00:00:00
expat security update
2024-04-03 00:00:00
slackware
slackware
[slackware-security] expat
2024-03-13 19:51:59
[slackware-security] expat
2024-02-07 20:13:19
githubexploit
githubexploit
Exploit for CVE-2024-28757
2024-05-03 04:58:24
Exploit for CVE-2024-28757
2024-05-03 09:21:27
Exploit for CVE-2024-28757
2024-05-03 09:24:51
vulnrichment
vulnrichment
CVE-2024-28757
2024-03-10 00:00:00
CVE-2023-52425
2024-02-04 00:00:00
ubuntucve
ubuntucve
CVE-2024-28757
2024-03-10 00:00:00
CVE-2023-52425
2024-02-04 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: mingw-expat-2.6.1-1.fc40
2024-03-23 00:50:46
[SECURITY] Fedora 38 Update: mingw-expat-2.6.1-1.fc38
2024-03-19 02:00:28
[SECURITY] Fedora 39 Update: mingw-expat-2.6.1-1.fc39
2024-03-19 01:10:52
cbl_mariner
cbl_mariner
CVE-2024-28757 affecting package expat for versions less than 2.6.2-1
2024-06-21 09:32:44
CVE-2024-28757 affecting package expat for versions less than 2.6.2-2
2024-04-09 20:48:36
CVE-2023-52425 affecting package expat for versions less than 2.6.2-1
2024-06-21 09:32:44
aix
aix
AIX is affected by information disclosure due to Python (CVE-2024-28757)
2024-06-13 15:37:38
redos
redos
ROS-20240506-01
2024-05-06 00:00:00
ROS-20240820-04
2024-08-20 00:00:00
alpinelinux
alpinelinux
CVE-2024-28757
2024-03-10 05:15:06
CVE-2023-52425
2024-02-04 20:15:46
veracode
veracode
XML Entity Expansion
2024-03-11 07:18:06
Denial Of Service
2024-02-11 08:46:00
nvd
nvd
CVE-2024-28757
2024-03-10 05:15:06
CVE-2023-52425
2024-02-04 20:15:46
f5
f5
K000139637: Expat vulnerability CVE-2024-28757
2024-05-16 00:00:00
K000139630: Expat vulnerability CVE-2023-52425
2024-05-16 00:00:00
ibm
ibm
cvelist
cvelist
CVE-2024-28757
2024-03-10 00:00:00
CVE-2023-52425
2024-02-04 00:00:00
debiancve
debiancve
CVE-2024-28757
2024-03-10 05:15:06
CVE-2023-52425
2024-02-04 20:15:46
redhatcve
redhatcve
CVE-2024-28757
2024-03-10 10:10:35
CVE-2023-52425
2024-02-05 23:59:53
cve
cve
CVE-2024-28757
2024-03-10 05:15:06
CVE-2023-52425
2024-02-04 20:15:46
prion
prion
Design/Logic Flaw
2024-02-04 20:15:00
rocky
rocky
expat security update
2024-04-05 14:55:53
debian
debian
[SECURITY] [DLA 3783-1] expat security update
2024-04-09 04:41:36
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0582
2024-03-22 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0229
2024-03-22 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.3
Confidence
Low
EPSS
0.001
Percentile
38.0%
Related for USN-6694-1