Important: Red Hat Security Advisory: expat security update
An update for expat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
expat: a use-after-free in the doContent function in xmlparse.c
A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XML_ResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...
RHEL 7 : expat (RHSA-2022:6834)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6834 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: a use-after-free in the doContent function in xmlparse.c (CVE-2022-40674). For mo...
Security Bulletin: IBM HTTP Server is vulnerable to arbitrary code execution due to Expat (CVE-2022-40674)
Summary: IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to arbitrary code execution due to Expat. The Expat library is used by IBM HTTP Server's WebDAV mod_dav support, but may also be used by third-party Apache HTTP Server modules if they have been loaded into the server by...
Vulnerability fixed in Expat
A vulnerability has been fixed in Expat. A malicious person can cause a use-after-free in libexpat via the doContent function in xmlparse.c. Misuse of the vulnerability potentially results in the following categories of damage: Denial-of-Service (DoS); Manipulation of data; Remote code execution; Use...
DEBIAN-CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
AZL-10921 CVE-2022-40674 affecting package expat for versions less than 2.4.8-2
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
UBUNTU-CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...