67 matches found
Security Bulletin: Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard.
Summary Security vulnerabilities may affect IBM WebSphere Liberty and Expat that are shipped with IBM CICS TX Standard CVE-2025-14914, CVE-2022-23990, CVE-2024-28757, CVE-2025-59375 and CVE-2025-12635. IBM WebSphere Liberty and Expat have been updated within IBM CICS TX Standard to address these...
Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services before 4.6.20 shipped with IBM Cloud Pak for Business Automation iFixes for January 2026.
Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation January 2026 security fixes update this dependency to 4.6.20 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2022-23990 DESCRIPTION: Expat aka...
RHEL 8 : expat (RHSA-2025:22607)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:22607 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: internal entity expansion CVE-2013-0340 expat: integer overflow in t...
Important: Red Hat Security Advisory: expat security update
An update for expat is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...
expat security update
2.2.5-17.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 2.2.5-17 - Fix CVE-2024-8176 - Resolves: RHEL-57477...
Linux Distros Unpatched Vulnerability : CVE-2022-23990
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 Note that Nessus relies on the presence of the package as...
Oracle Linux 8 : expat (ELSA-2024-9502)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9502 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910314 - Fix CVE-2024-50602 Tenable has extracted the preceding description block directly...
Multiple Vulnerabilities within libexpat (CVE-2018-20843, CVE-2019-15903, CVE-2021-46143, CVE-2022-22825, CVE-2022-23990)
Summary CVE-2018-20843 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. Base CVSS score: 7.5...
RHEL 6 : expat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Large number of prefixed XML attributes on a single tag can crash libexpat CVE-2021-45960 - expat:...
Medium: expat
Issue Overview: Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 Affected Packages: expat Issue Correction: Run yum update expat or yum update --advisory ALAS-2023-1882 to update your system. New Packages: i686: expat-devel-2.1.0-15.34.amzn1.i686...
Amazon Linux 2 : expat (ALAS-2023-2280)
The version of expat installed on the remote host is prior to 2.1.0-15. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2280 advisory. Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 A flaw was found in expat....
Nessus Network Monitor < 6.2.1 Multiple Vulnerabilities (TNS-2023-19)
According to its self-reported version, the Nessus Network Monitor running on the remote host is prior to 6.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2023-19 advisory. - Nessus Network Monitor leverages third-party software to help provide underlying...
Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2023-058)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-058 advisory. In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing...
Rocky Linux 8 : mingw-expat (RLSA-2022:7811)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:7811 advisory. - Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 Note that Nessus has not tested for this issue but has instead...
Amazon Linux 2022 : expat (ALAS2022-2022-232)
The version of expat installed on the remote host is prior to 2.4.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-232 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead t...
Tenable Nessus < 10.2.0 Multiple Vulnerabilities (TNS-2022-11)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...
RHEL 8 : mingw-expat (RHSA-2022:7811)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7811 advisory. Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packag...
Important: mingw-expat security update
Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packages have been upgraded to a later upstream version: mingw-expat 2.4.8. BZ2057023, BZ2057037, BZ2057127 Security Fixes: expat: Malformed 2- and 3-byte UTF-8...
ALSA-2022:7811 Important: mingw-expat security update
Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. The following packages have been upgraded to a later upstream version: mingw-expat 2.4.8. BZ2057023, BZ2057037, BZ2057127 Security Fixes: expat: Malformed 2- and 3-byte UTF-8...
Tenable Nessus < 8.15.3, 10.x < 10.1.1 Multiple Vulnerabilities (TNS-2022-05)
Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...