
6 matches found

IBM Security Bulletins
added 2024/10/29 1:46 p.m., 21 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to OpenSSL and libexpat

Summary: OpenSSL and Libexpat used by IBM MQ Operator and Queue Manager container images are vulnerable to denial of service due to improper memory allocation, and providing weaker than expected security which might allow an attacker to execute arbitrary code on the system. This bulletin identifie...

CVSS 9.8 | AI score 8.3 | EPSS 0.66594
Exploits: 0 | Affected Software: 1
RedHat Linux
added 2024/09/24 1:24 a.m., 4 views

libexpat: Integer Overflow or Wraparound

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c. It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX...

CVSS 9.8 | AI score 7.4 | EPSS 0.0113
Exploits: 0 | References: 7
BDU FSTEC
added 2024/09/23 12:0 a.m., 3 views

Vulnerability of the dtdCopy() function (xmlparse.c) in the libexpat XML parsing library, allowing an attacker to cause a service failure or execute arbitrary code

The vulnerability in the dtdCopy function (xmlparse.c) of the libexpat XML parsing library is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause service failures or execute arbitrary code...

CVSS 10 | AI score 7.6 | EPSS 0.01393
Exploits: 0 | References: 12 | Affected Software: 7
RedhatCVE
added 2024/09/05 7:14 a.m., 50 views

CVE-2024-45491

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c. It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

CVSS 7.5 | AI score 6.9 | EPSS 0.0113
Exploits: 0 | References: 6
Veracode
added 2024/09/02 6:48 a.m., 5 views

Integer Overflow

libexpat.so is vulnerable to Integer Overflow. The vulnerability is caused by a defect in the function dtdCopy within xmlparse.c. This can lead to integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX...

CVSS 9.8 | AI score 9.6 | EPSS 0.0113
Exploits: 0 | References: 4 | Affected Software: 4
OSV
added 2024/08/30 3:15 a.m., 8 views

AZL-48430 CVE-2024-45491 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms where UINT_MAX equals SIZE_MAX...

CVSS 9.8 | AI score 7 | EPSS 0.0113
Exploits: 0 | References: 1