80 matches found
Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017356)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017356 advisory. buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity...
MiracleLinux 8 : xmlrpc-c-1.51.0-8.el8 (AXSA:2022-4217:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4217:04 advisory. expat: Integer overflow in doProlog in xmlparse.c CVE-2021-46143 expat: Integer overflow in addBinding in xmlparse.c CVE-2022-22822 expat: Integer...
Alibaba Cloud Linux 3 : 0021: expat (ALINUX3-SA-2022:0021)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0021 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-45960: In Expat aka libexpat befo...
Linux Distros Unpatched Vulnerability : CVE-2022-22823
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. CVE-2022-22823 Note that Nessus relies on the presence of the package as...
Amazon Linux 2022 : expat, expat-devel, expat-static (ALAS2022-2022-017)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-017 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing...
RHEL 6 : expat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - expat:...
CentOS 9 : expat-2.2.10-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the expat-2.2.10-9.el9 build changelog. - Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - Integer overflow in doProlog in xmlparse.c...
NewStart CGSL MAIN 6.06 : expat Multiple Vulnerabilities (NS-SA-2023-0082)
The remote NewStart CGSL host, running version MAIN 6.06, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating to...
Rocky Linux 8 : xmlrpc-c (RLSA-2022:7692)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:7692 advisory. - In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. CVE-2021-46143 - addBinding in xmlparse.c in...
Rocky Linux 8 : expat (RLSA-2022:0951)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:0951 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g.,...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM : xmltok library vulnerabilities (USN-5455-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5455-1 advisory. Tim Boddy, Gustavo Grieco and others discovered that Expat, that is integrated in xmltok library, incorrectly handled...
OESA-2023-1455 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow.CVE-2022-22822 buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an...
Nessus Network Monitor < 6.2.1 Multiple Vulnerabilities (TNS-2023-19)
According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-19 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...
Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2023-058)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-058 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing...
K23421535: Expat vulnerabilities CVE-2022-22822, CVE-2022-22823, and CVE-2022-22824
Security Advisory Description CVE-2022-22822 addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. CVE-2022-22823 buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. CVE-2022-22824 defineAttribute in xmlparse.c in Expat aka libexpat...
Ubuntu: Security Advisory (USN-5455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2022 : expat (ALAS2022-2022-232)
The version of expat installed on the remote host is prior to 2.4.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-232 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead t...
Oracle Linux 8 : xmlrpc-c (ELSA-2022-7692)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-7692 advisory. - lib: Prevent more integer overflows CVE-2022-22822 to CVE-2022-22827 2058567, 2058576, 2058582, 2058589, 2058595, 2058602 Tenable has extracted the...
AlmaLinux 8 : xmlrpc-c (ALSA-2022:7692)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7692 advisory. - In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. CVE-2021-46143 - addBinding in xmlparse.c in...
Moderate: Red Hat Security Advisory: xmlrpc-c security update
An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...