MiracleLinux 8 : expat-2.5.0-2.el8_10 (AXSA:2026-758:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-758:06 advisory. libexpat: denial of service via crafted XML input CVE-2026-45186 Tenable has extracted the preceding description block directly from the MiracleLinux security...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017381 advisory. In Expat aka libexpat before 2.4.5, there is an integer overflow in copyString. Tenable has extracted the preceding description block directly from the Unity Linux...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017361 advisory. nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the...

MiracleLinux 8 : expat-2.2.5-16.el8_10 (AXSA:2024-9009:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9009:08 advisory. libexpat: expat: DoS via XMLResumeParser CVE-2024-50602 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 8 : expat-2.2.5-17.el8_10 (AXSA:2025-9859:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9859:02 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly...

Advisory ROSA-SA-2025-3050

Software: expat 2.2.5 OS: ROSA Virtualization 3.1 unaffected versions = expat-2.2.5-17.0.1.rv31 affected versions expat-2.2.5-17.0.1.rv31 CVE-ID: CVE-2019-15903 BDU-ID: CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to incorrect restriction of xml...

Fedora 43 : mingw-expat (2025-790553f7f2)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-790553f7f2 advisory. Update to expat-2.7.2, fixes CVE-2025-59375. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

RockyLinux 8 : expat (RLSA-2025:3913)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3913 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly from...

Photon OS 4.0: Expat PHSA-2025-4.0-0793

An update of the expat package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0793. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

SUSE-SU-2024:1129-2 Security update for expat

This update for expat fixes the following issues: - CVE-2023-52425: Fixed a DoS caused by processing large tokens. bsc1219559 - CVE-2024-28757: Fixed an XML Entity Expansion. bsc1221289...

Medium: expat

Issue Overview: libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time. CVE-2023-52426 Affected Packages: expat Issue Correction: Run dnf update expat --releasever 2023.3.20240219 to update your system. New Packages: aarch64: ...

SUSE-SU-2022:3466-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c bsc1203438...

OPENSUSE-SU-2022:0844-1 Security update for expat

This update for expat fixes the following issues: - Fixed a regression caused by the patch for CVE-2022-25236 bsc1196784...

SUSE-SU-2022:0713-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs bsc1196025. - CVE-2022-25235: Fixed UTF-8 character validation in a certain context bsc1196026. - CVE-2022-25313: Fixed stack exhaustion in buildmodel vi...

OPENSUSE-SU-2022:0713-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-25236: Fixed possible namespace-separator characters insertion into namespace URIs bsc1196025. - CVE-2022-25235: Fixed UTF-8 character validation in a certain context bsc1196026. - CVE-2022-25313: Fixed stack exhaustion in buildmodel vi...

SUSE-SU-2022:0179-1 Security update for expat

This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior bsc1194251. - CVE-2021-46143: Fixed integer overflow in mgroupSize in doProlog bsc1194362. - CVE-2022-22822: Fixed integer overflow in...

SUSE-SU-2022:0178-1 Security update for expat

This update for expat fixes the following issues: - CVE-2021-45960: Fixed left shift in the storeAtts function in xmlparse.c that can lead to realloc misbehavior bsc1194251. - CVE-2021-46143: Fixed integer overflow in mgroupSize in doProlog bsc1194362. - CVE-2022-22822: Fixed integer overflow in...

SUSE-SU-2017:0424-1 Security update for expat

This update for expat fixes the following security issues: - CVE-2012-6702: Expat, when used in a parser that has not called XMLSetHashSalt or passed it a seed of 0, made it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand...