27 matches found
Low: firefox
Issue Overview: libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. CVE-2026-41080 Affected Packages: firefox Issue Correction: Run dnf update firefox --releasever 2023.11.20260514 or dnf update --advisory ALAS2023-2026-1706 --releasever...
RHCOS 4 : OpenShift Container Platform 4.5.41 (RHSA-2021:2431)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:2431 advisory. - jetty: local temporary directory hijacking vulnerability CVE-2020-27216 - jetty: buffer not correctly recycled in Gzip Request...
CVE-2026-33349 fast-xml-parser: Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. From version 4.0.0-beta.3 to before version 5.5.7, the DocTypeReader in fast-xml-parser uses JavaScript truthy checks to evaluate maxEntityCount and maxEntitySize configuration limits. When a...
EUVD-2016-0354
Malware in sbrugna...
EUVD-2013-1180
Malware in sbrugna...
EUVD-2021-1267
Malware in sbrugna...
EUVD-2013-6881
Malware in sbrugna...
EUVD-2021-19693
Malware in sbrugna...
EUVD-2018-11821
Malware in sbrugna...
EUVD-2013-2816
Malware in sbrugna...
EUVD-2016-6730
Malware in sbrugna...
Alibaba Cloud Linux 3 : 0255: expat (ALINUX3-SA-2024:0255)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0255 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-50602: An issue was discovered in libexpat...
[SECURITY] [DLA 4145-1] expat security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4145-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz April 30, 2025 https://wiki.debian.org/LTS -...
RHEL 9 : expat (RHSA-2025:3350)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3350 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: DoS via XMLResumeParser CVE-2024-50602 For more details about the...
Linux Distros Unpatched Vulnerability : CVE-2021-38443
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eclipse CycloneDDS versions prior to 0.8.0 improperly handle invalid structures, which may allow an attacker to write arbitrary values in the XML parser...
Linux Distros Unpatched Vulnerability : CVE-2019-15903
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to...
Linux Distros Unpatched Vulnerability : CVE-2012-0876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The XML parser xmlparse.c in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows...
Linux Distros Unpatched Vulnerability : CVE-2014-0191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xmlParserHandlePEReference function in parser.c in libxml2 before 2.9.2, as used in Web Listener in Oracle HTTP Server in Oracle Fusion Middleware 11.1.1.7....
Azure Linux 3.0 Security Update: expat / python3 (CVE-2024-50602)
The version of expat / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50602 advisory. - An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser...
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2025-1188)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...