MiracleLinux 8 : xmlrpc-c-1.51.0-9.el8_10 (AXSA:2024-8511:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8511:01 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 CVE-2023-52425 libexpat through 2.5.0 allows a denial of service resource...

MiracleLinux 9 : expat-2.5.0-1.el9_3.1 (AXSA:2024-7643:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7643:01 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 expat: XML Entity Expansion CVE-2024-28757 CVE-2023-52425 libexpat throug...

Advisory ROSA-SA-2025-3108

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-c-1.51.0-10.rv3 CVE-ID: CVE-2021-46143 BDU-ID: 2022-01052 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the doProlog function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of t...

Important: Red Hat Security Advisory: expat security update

An update for expat is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

TencentOS Server 3: expat (TSSA-2024:0100)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0100 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Important: xmlrpc-c

Issue Overview: libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. Considering the tradeoff between the stability of Amazon Linux and the impact of CVE-2023-52425...

clustershell-1.9.3-1.1 on GA media (moderate)

clustershell-1.9.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15212-1 Rating: moderate Cross-References: CVE-2023-52425 CVSS scores: CVE-2023-52425 SUSE : 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now...

TencentOS Server 3: xmlrpc-c (TSSA-2024:0295)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0295 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 4: expat (TSSA-2024:0465)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0465 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2025-1490)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2025-1462)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Alibaba Cloud Linux 3 : 0146: expat (ALINUX3-SA-2024:0146)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0146 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-52425: libexpat through 2.5.0 allows a...

Alibaba Cloud Linux 3 : 0188: xmlrpc-c (ALINUX3-SA-2024:0188)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0188 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-52425: libexpat through 2.5.0 allows a...

RockyLinux 8 : xmlrpc-c (RLSA-2024:4259)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4259 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 Tenable has extracted the preceding description block directly from the RockyLinux...

Advisory ROSA-SA-2025-2785

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 3.0 packageevrstring: xmlrpc-c-1.51.0-10.0.1.rv30 CVE-ID: CVE-2023-52425 BDU-ID: 2024-01514 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the XML parser library libexpat is associated with uncontrolled resource consumption. Exploitation of the...

Security Bulletin: Oracle Outside In Technology (OIT) Security Vulnerabilities - July 2024

Summary Oracle Outside In Technology OIT Security Vulnerabilities CVE-2023-45853 and CVE-2023-52425 - Resolved in July 2024 Oracle OIT v8.5.7 BP3 p36705510 Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer...

Linux Distros Unpatched Vulnerability : CVE-2023-52425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat through 2.5.0 allows a denial of service resource consumption because many full reparsings are required in the case of a large token for which multiple...

openSUSE Security Advisory (SUSE-SU-2024:1556-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:1009-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Denial of service, SQL injection, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, SQL injection, and others. The vulnerabilities have been addressed. CVE-2023-52425, CVE-2024-53908, CVE-2024-53907, CVE-2023-52426, CVE-2022-29162, CVE-2023-25809, CVE-2023-27561, CVE-2023-28642, CVE-2024-21626,...