56 matches found

Tenable Nessus
added 2025/03/04 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2012-0876

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows...

CVSS: 4.3, AI score: 6.9, EPSS: 0.05724
Exploits: 0, References: 4
Tenable Nessus
added 2024/06/03 12:0 a.m., 15 views

RHEL 4 : expat (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - expat: Memory leak in poolGrow (CVE-2012-1148) - The XML parser (xmlparse.c) in expat before 2.1.0 computes...

CVSS: 7.5, AI score: 8.4, EPSS: 0.05724
Exploits: 0, References: 3
F5 Networks
added 2023/02/21 6:45 p.m., 45 views

K16949: Expat vulnerabilities CVE-2012-0876 and CVE-2012-1148

Security Advisory Description CVE-2012-0876 The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many...

CVSS: 5, AI score: 7, EPSS: 0.05724
Exploits: 0, Affected Software: 13
OpenVAS
added 2021/10/06 12:0 a.m., 27 views

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Mac OS X

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118249";...

CVSS: 9.8, AI score: 8.4, EPSS: 0.13335
Exploits: 4, References: 2
OpenVAS
added 2021/10/06 12:0 a.m., 25 views

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Windows

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118248";...

CVSS: 9.8, AI score: 8.4, EPSS: 0.13335
Exploits: 4, References: 2
OpenVAS
added 2021/10/06 12:0 a.m., 27 views

Python < 2.7.14, 3.3.x < 3.3.7, 3.4.x < 3.4.7, 3.5.x < 3.5.4, 3.6.x < 3.6.2 Expat 2.2.1 (bpo-30694) - Linux

'Expat SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.118250";...

CVSS: 9.8, AI score: 8.4, EPSS: 0.13335
Exploits: 4, References: 2
OpenVAS
added 2021/06/09 12:0 a.m., 25 views

SUSE: Security Advisory (SUSE-SU-2012:0772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5, AI score: 8.9, EPSS: 0.05724
Exploits: 0, References: 2
OpenVAS
added 2021/06/09 12:0 a.m., 20 views

SUSE: Security Advisory (SUSE-SU-2012:0773-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 5, AI score: 8.9, EPSS: 0.05724
Exploits: 0, References: 2
OpenVAS
added 2021/04/19 12:0 a.m., 21 views

SUSE: Security Advisory (SUSE-SU-2020:0497-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 9.8, AI score: 9.2, EPSS: 0.13335
Exploits: 4, References: 6
Tenable Nessus
added 2020/02/27 12:0 a.m., 28 views

SUSE SLED12 / SLES12 Security Update : python3 (SUSE-SU-2020:0497-1)

This update for python3 fixes the following issues : Update to 3.4.10 (jsc#SLE-9427, bsc#1159208) from 3.4.6 : Security issues fixed : Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 CVE-2017-1000158: Fix an...

CVSS: 9.8, AI score: 7.6, EPSS: 0.13335
Exploits: 4, References: 16
IBM Security Bulletins
added 2018/06/17 10:33 p.m., 31 views

Security Bulletin: Multiple denial of service vulnerabilities with Expat may affect IBM HTTP Server shipped with IBM Service Delivery Manager (CVE-2012-0876, CVE-2012-1148, CVE-2016-4472 and CVE-2016-0718)

Summary IBM HTTP Server is shipped as components of IBM Service Delivery Manager. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details CVEID: CVE-2012-0876 DESCRIPTION: Expat is vulnerable to a denial of service,...

CVSS: 9.8, AI score: 9.7, EPSS: 0.13335
Exploits: 3, Affected Software: 1
Tenable Nessus
added 2018/05/07 12:0 a.m., 39 views

Slackware 14.0 / 14.1 / 14.2 / current : python (SSA:2018-124-01)

New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-124-01. The text itself is copyright (C) Slackware Linu...

CVSS: 9.8, AI score: 7.9, EPSS: 0.13335
Exploits: 5, References: 9
Mageia
added 2016/06/17 5:58 a.m., 60 views

Updated expat packages fix security vulnerabilities

Updated expat packages fix security vulnerabilities: An issue was introduced when CVE-2012-0876 was addressed. Stefan Sørensen discovered that the use of the function XML_Parse() seeds the random number generator generating repeated outputs for rand() calls (CVE-2012-6702). Due to an incomplete solution...

CVSS: 7.8, AI score: 3.3, EPSS: 0.06539
Exploits: 0, References: 2
Debian CVE
added 2016/06/16 6:0 p.m., 64 views

CVE-2016-5300

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...

CVSS: 7.8, AI score: 7.1, EPSS: 0.06539
Exploits: 0
OSV
added 2016/06/08 12:0 a.m., 49 views

DLA-508-1 expat - security update

Bulletin has no description...

CVSS: 7.8, AI score: 7, EPSS: 0.06539
Exploits: 0
Debian
added 2016/06/07 4:44 p.m., 60 views

[SECURITY] [DSA 3597-1] expat security update

Debian Security Advisory DSA-3597-1 [email protected] https://www.debian.org/security/ Luciano Bello June 07, 2016 https://www.debian.org/security/faq -...

CVSS: 7.8, AI score: 1.4, EPSS: 0.06539
Exploits: 0
Debian
added 2016/06/07 4:44 p.m., 47 views

[SECURITY] [DSA 3597-1] expat security update

Debian Security Advisory DSA-3597-1 [email protected] https://www.debian.org/security/ Luciano Bello June 07, 2016 https://www.debian.org/security/faq -...

CVSS: 7.8, AI score: 7.6, EPSS: 0.06539
Exploits: 0
OSV
added 2016/06/07 12:0 a.m., 48 views

DSA-3597-1 expat - security update

Bulletin has no description...

CVSS: 7.8, AI score: 7, EPSS: 0.06539
Exploits: 0
UbuntuCve
added 2016/06/06 12:0 a.m., 38 views

CVE-2016-5300

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...

CVSS: 7.8, AI score: 6.9, EPSS: 0.06539
Exploits: 0, References: 4
RedHat Linux
added 2016/01/21 3:54 p.m., 50 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.1.0 security update

An update for Red Hat JBoss Web Server 2.1.0 that fixes four security issues is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity...

CVSS: 5, AI score: 6.6, EPSS: 0.72712
Exploits: 2, References: 5