Security Bulletin: Multiple Vulnerabilities in Expat component shipped with IBM Rational ClearCase ( CVE-2022-23852, CVE-2022-23990, CVE-2022-25235, CVE-2022-25315 )

Summary libexpat is a stream-oriented XML parser library used by IBM Rational ClearCase. IBM Rational ClearCase has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2022-23852 DESCRIPTION: Expat aka libexpat could allow a remote attacker to execute arbitrary code on the system, caus...

Vulnerabilities fixed in IBM Db2

IBM has released updates to fix vulnerabilities in DB2. With the exception of CVE-2022-22389, the vulnerabilities are located in the third-party component Expat. The vulnerabilities allow a malicious party to cause a Denial-of-Service or execute arbitrary code with the privileges of the...

Security Bulletin: Vulnerabilities in Expat component shipped with IBM Rational ClearCase (CVE-2019-15903)

Summary IBM Rational ClearCase is affected by an Expat library heap-based buffer over-read in XMLGetCurrentLineNumber leading to a denial of service vulnerability Vulnerability Details CVEID: CVE-2019-15903 DESCRIPTION: libexpat is vulnerable to a denial of service, caused by a heap-based buffer...

Apple iTunes < 12.6 Multiple Vulnerabilities (credentialed check)

The version of Apple iTunes installed on the remote Windows host is prior to 12.6. It is, therefore, affected by multiple vulnerabilities : - Multiple vulnerabilities exist in the expat component, the most severe of which are remote code execution vulnerabilities. An unauthenticated, remote...