14 matches found
Unity Linux 20.1070e Security Update: expat (UTSA-2026-017379)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017379 advisory. xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. Tenable has extracted the preceding...
MiracleLinux 8 : expat-2.2.5-4.el8.3 (AXSA:2022-3114:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3114:01 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in...
JLSEC-2025-53 xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator chara...
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
OESA-2022-2057 expat security update
This package provides with static libraries and header files for developing with expat. Security Fixes: xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.CVE-2022-25235 xmlparse.c in Exp...
CLSA-2022-1660757175 Fixed 15 CVEs in expat
CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames - CVE-2022-22822: Fix integer overflow in addBinding -...
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...
expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution
A flaw was found in expat. Passing one or more namespace separator characters in the "xmlns:prefix" attribute values made expat send malformed tag names to the XML processor on top of expat. This issue causes arbitrary code execution depending on how unexpected cases are handled inside the XML...
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
...
AZL-8604 CVE-2022-25236 affecting package expat for versions less than 2.4.8-1
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
Expat 输入验证错误漏洞
Expat is a fast streaming XML parser written in C. A security vulnerability existed prior to Expat 2.4.5, which could be exploited by attackers to insert namespace separators into namespace URIs...
UBUNTU-CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...