20 matches found
Moderate: expat security update
Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: DoS via XML_ResumeParser (CVE-2024-50602). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References...
expat security update
2.2.5-11.0.1.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990 Orabug: 33910314 2.2.5-11.1 - CVE-2023-52425 expat: parsing large tokens can trigger a denial of service - Resolves: RHEL-29321...
expat.ru Cross Site Scripting vulnerability OBB-3858749
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
expatfriendlylocals.com Cross Site Scripting vulnerability OBB-3602617
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
expat security update
2.2.5-10.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990 Orabug: 33910314 2.2.5-10.1 - CVE-2022-43680 expat: use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate - Resolves: CVE-2022-43680...
expatfriendlylocals.com Cross Site Scripting vulnerability OBB-3138564
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
expat security update
2.0.1-13.0.2 - Ensure raw tagnames are safe exiting internalEntityParser CVE-2022-40674 Orabug: 34694174...
Important: Red Hat Security Advisory: expat security update
An update for expat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
expat security update
2.2.10-12.3 - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674...
expat security update
2.2.5-8.0.1.2 - lib: Prevent integer overflow in doProlog CVE-2022-23990 Orabug: 33910314 2.2.5-8.2 - Improve fix for CVE-2022-25313 - Related: CVE-2022-25313 2.2.5-8.1 - Fix multiple CVEs - Resolves: CVE-2022-25314 - Resolves: CVE-2022-25313...
expatmortgage.ae Cross Site Scripting vulnerability OBB-2669866
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-25235 affecting package expat for versions less than 2.4.8-1
CVE-2022-25235 affecting package expat for versions less than 2.4.8-1. An upgraded version of the package is available that resolves this issue...
expatjobseeker.de Cross Site Scripting vulnerability OBB-1402330
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
expat: Use-of-uninitialized-value in lookup
Project: https://github.com/libexpat/libexpat.git Detailed report: https://oss-fuzz.com/testcase?key=5904513653276672 Project: expat Fuzzer: libFuzzerexpatparseUTF16fuzzer Fuzz target binary: parseUTF16fuzzer Job Type: libfuzzermsanexpat Platform Id: linux Crash Type: Use-of-uninitialized-value...
expat: multiple issues
CVE-2012-6702: predictable random numbers. It was found that when calling XML_Parse ahead of rand, it causes the pseudo random generator to generate non-random predictable numbers. - CVE-2016-5300: denial of service. It was found that original fix for CVE-2012-0876 used too little entropy for the hash...
Security update for expat (important)
This update for expat fixes the following issues: Security issue fixed: - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. (bsc#979441) - CVE-2015-1283: Fix multiple integer overflows. (bnc#980391) This update was imported from the SUSE:SLE-12:Update updat...
expat library integer overflow
Multiple integer overflows...
expatads.com XSS vulnerability
Vulnerable URL: https://www.expatads.com/-4-Free-Classifieds/posts/4-Business/3-Business-Offers/?brutelogic;alert%28/XSSPOSED/%29;//
Details:
Description| Value
---|---
Patched:| Yes, at 21.11.2017
Latest check for patch:| 21.11.2017 19:07 GMT
Vulnerability type:| XSS
Vulnerability status:|...
expat security update
CentOS Errata and Security Advisory CESA-2012:0731. Updated expat packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base...
Design/Logic Flaw
The expat XML parser in the apr_xml interface in xml/apr_xml.c in Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn modules in the Apache HTTP Server, allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document containing a large number of nest...