Amazon Linux AMI : expat (ALAS-2025-1953)
The version of expat installed on the remote host is prior to 2.1.0-15.35. It is, therefore, affected by a vulnerability as referenced in the ALAS-2025-1953 advisory. An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. CVE-2024-45490...