MiracleLinux 9 : thunderbird-102.3.0-4.el9.ML.1 (AXSA:2022-4150:23)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-4150:23 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : mingw-expat-2.4.8-2.el8 (AXSA:2023-5895:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5895:01 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : thunderbird-102.3.0-4.el8.ML.1 (AXSA:2022-3907:14)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3907:14 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : expat-2.2.5-8.el8.3 (AXSA:2022-3891:07)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3891:07 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

TencentOS Server 3: expat (TSSA-2023:0141)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0141 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: firefox (TSSA-2022:0175)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0175 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

ABB M2M Gateway Use-After-Free in embedded Libexpat (CVE-2022-40674)

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503230;...

Alibaba Cloud Linux 3 : 0043: mingw-expat (ALINUX3-SA-2023:0043)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0043 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-40674: libexpat before 2.4.9 has a...

Alibaba Cloud Linux 3 : 0169: expat (ALINUX3-SA-2022:0169)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0169 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-40674: libexpat before 2.4.9 has a...

Linux Distros Unpatched Vulnerability : CVE-2022-40674

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus relies on the presence of the package as...

RHEL 8 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 - In libexpat through 2.4....

CentOS 9 : thunderbird-102.8.0-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the thunderbird-102.8.0-2.el9 build changelog. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this...

CentOS 9 : expat-2.4.9-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the expat-2.4.9-1.el9 build changelog. - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue bu...

NewStart CGSL MAIN 6.06 : expat Multiple Vulnerabilities (NS-SA-2023-0082)

The remote NewStart CGSL host, running version MAIN 6.06, has expat packages installed that are affected by multiple vulnerabilities: - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating to...

NewStart CGSL MAIN 5.04 : expat Vulnerability (NS-SA-2023-0070)

The remote NewStart CGSL host, running version MAIN 5.04, has expat packages installed that are affected by a vulnerability: - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 Note that Nessus has not tested for this issue but has instead relied...

Amazon Linux 2 : firefox (ALASFIREFOX-2023-010)

The version of firefox installed on the remote host is prior to 102.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2023-010 advisory. 2023-09-27: CVE-2021-28429 was added to this advisory. Integer overflow vulnerability in avtimecodemakestring in...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2023-2422)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2023-2168

Software: firefox 102.10.0 OS: rosa-server79 packageevrstring: 102.10.0-1.res7 CVE-ID: CVE-2022-40674 BDU-ID: 2023-02596 CVE-Crit: HIGH CVE-DESC: A vulnerability in the doContent function of the xmlparse.c file of the libexpat XML parser library is related to a post-release exploit. Exploitation ...

Advisory ROSA-SA-2023-2166

Software: thunderbird 102.10.0 OS: rosa-server79 packageevrstring: 102.10.0-2.res7 CVE-ID: CVE-2022-40674 BDU-ID: 2023-02596 CVE-Crit: HIGH CVE-DESC: A vulnerability in the doContent function of the xmlparse.c file of the libexpat XML parser library is related to a post-release exploit...

EulerOS Virtualization 3.0.6.0 : expat (EulerOS-SA-2023-2219)

According to the versions of the expat packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674 - In libexpat through 2.4.9,...