62 matches found
Unity Linux 20.1070e Security Update: expat (UTSA-2026-017381)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017381 advisory. In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString. Tenable has extracted the preceding description block directly from the Unity Linux...
MiracleLinux 9 : expat-2.2.10-12.el9.2 (AXSA:2022-3997:08)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3997:08 advisory. expat: stack exhaustion in doctype parsing CVE-2022-25313 expat: integer overflow in copyString CVE-2022-25314 Tenable has extracted the preceding...
Alibaba Cloud Linux 3 : 0128: expat (ALINUX3-SA-2022:0128)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0128 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-25313: In Expat aka libexpat befo...
BELL-CVE-2022-25314 CVE-2022-25314 does not affect BellSoft software
Bulletin has no description...
Nessus Network Monitor < 6.2.1 Multiple Vulnerabilities (TNS-2023-19)
According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-19 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...
Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2023-058)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-058 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution in libexpat (CVE-2022-25314).
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to arbitrary code execution caused by a buffer overflow in libexpat CVE-2022-25314. Libexpat is used as part of the base image included in our service components. Please read the details for remediation below...
NewStart CGSL MAIN 6.02 : expat Multiple Vulnerabilities (NS-SA-2022-0104)
The remote NewStart CGSL host, running version MAIN 6.02, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.5, an attacker can trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element. CVE-2022-25313 - In Expa...
Amazon Linux 2022 : expat (ALAS2022-2022-232)
The version of expat installed on the remote host is prior to 2.4.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-232 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead t...
RHEL 8 : mingw-expat (RHSA-2022:7811)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7811 advisory. Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packag...
Tenable Nessus < 10.2.0 Multiple Vulnerabilities (TNS-2022-11)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...
Important: mingw-expat security update
Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packages have been upgraded to a later upstream version: mingw-expat 2.4.8. BZ2057023, BZ2057037, BZ2057127 Security Fixes: expat: Malformed 2- and 3-byte UTF-8...
ALSA-2022:7811 Important: mingw-expat security update
Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packages have been upgraded to a later upstream version: mingw-expat 2.4.8. BZ2057023, BZ2057037, BZ2057127 Security Fixes: expat: Malformed 2- and 3-byte UTF-8...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2022-25314
Summary libexpat is not used directly by IBM App Connect Enterprise Certified Container but is present in the operand images as part of the base operating system. Use of libexpat within IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution. This...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link...
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-2555)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-202209-24 : Expat: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202209-24 Expat: Multiple Vulnerabilities - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only...
Security Bulletin: Multiple vulnerabilities found in IBM DB2 which is shipped with IBM® Intelligent Operations Center(CVE-2022-22389, CVE-2022-22390, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235, CVE-2022-25314, CVE-2022-25315)
Summary Multiple vulnerabilities have been identified in DB2 which is shipped with IBM® Intelligent Operations Center. Information about these vulnerabilities affecting IBM® Intelligent Operations Center have been published and addressed the applicable CVEs. Vulnerability Details...
Security Bulletin: Multiple security vulnerabilities has been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics
Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin CVE-2022-22389, CVE-2022-22390, CVE-2022-25313, CVE-2022-25236, CVE-2022-25235, CVE-2022-25314,...
AlmaLinux 8 : expat (5314) (ALSA-2022:5314)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:5314 advisory. - In Expat aka libexpat before 2.4.5, an attacker can trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element. CVE-2022-25313 ...