52 matches found
Security update for expat (important)
openSUSE Security Update: Security update for expat Announcement ID: openSUSE-SU-2022:0713-1 Rating: important References: 1196025 1196026 1196168 1196169 1196171 Cross-References: CVE-2022-25235 CVE-2022-25236 CVE-2022-25313 CVE-2022-25314 CVE-2022-25315 CVSS scores: CVE-2022-25235 NVD : 9.8...
Updated expat packages fix security vulnerability
Passing malformed 2- and 3-byte UTF-8 sequences e.g. from start tag names to the XML processing application on top of Expat can cause arbitrary damage e.g. code execution depending on how invalid UTF-8 is handled inside the XML processor; validation was not their job but Expat's. Exploits with co...
Privilege Escalation
libexpat.so is vulnerable to privilege escalation. The vulnerability exists in the namespace-separator Character Handler in the xmlparse.c allowing an unauthorized user to access the system account...
ALPINE-CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
DEBIAN-CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
EUVD-2022-29934
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...