Unity Linux 20.1070e Security Update: expat (UTSA-2026-017383)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017383 advisory. In Expat aka libexpat before 2.4.5, an attacker can trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element. Tenable has extracted the...

Security update for python39

This update for python39 fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. CVE-2026-3644: incomplete control character validation in http.cookies can lead to input...

Security update for python

This update for python fixes the following issues: CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. CVE-2026-3644: incomplete control character validation in http.cookies can lead to input...

TencentOS Server 3: expat (TSSA-2022:0128)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0128 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

OESA-2022-2057 expat security update

This package provides with static libraries and header files for developing with expat. Security Fixes: xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.CVE-2022-25235 xmlparse.c in Exp...

DEBIAN-CVE-2022-25313

In Expat aka libexpat before 2.4.5, an attacker can trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element...

UBUNTU-CVE-2022-25313

In Expat aka libexpat before 2.4.5, an attacker can trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element...

CVE-2022-25313

In Expat aka libexpat before 2.4.5, an attacker can trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element...

Expat 资源管理错误漏洞

Expat is a fast streaming XML parser written in C. A security vulnerability existed prior to Expat 2.4.5, which could be exploited by an attacker to trigger stack exhaustion in buildmodel via a large nesting depth in the DTD element...