EulerOS 2.0 SP10 : expat (EulerOS-SA-2025-1003)
According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an...
The vulnerability of the XMLParser component in the CI/CD application integration and delivery system of JetBrains TeamCity allows attackers to perform XXE attacks.
The vulnerability of the XMLParser component in the CI/CD application integration and delivery system of JetBrains TeamCity is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability allows a malicious actor to perform XXE attacks remotely...
SUSE-SU-2024:4411-1 Security update for mozjs115
This update for mozjs115 fixes the following issues: - CVE-2024-11498: Fixed resource exhaustion via Stack overflow in libjxl (bsc#1233786) - CVE-2024-11403: Fixed out of Bounds Memory Read/Write in libjxl (bsc#1233766) - CVE-2024-50602: Fixed DoS via XML_ResumeParser in libexpat (bsc#1232602)...
CVE-2024-56356
In JetBrains TeamCity before 2024.12 insecure XMLParser configuration could lead to potential XXE attack...
SUSE CVE-2024-46455
unstructured v.0.14.2 and before is vulnerable to XML External Entity (XXE) via the XMLParser...
CVE-2024-43398
...
RHEL 9 : expat (RHSA-2024:11200)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:11200 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: DoS via XML_ResumeParser (CVE-2024-50602) For more details about the...
Moderate: Red Hat Security Advisory: expat security update
An update for expat is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
USN-7146-1: Dogtag PKI vulnerabilities
Christina Fu discovered that Dogtag PKI accidentally enabled a mock authentication plugin by default. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. This issue only affected Ubuntu 16.04 LTS. CVE-2017-753...
[SECURITY] Fedora 41 Update: mingw-expat-2.6.4-1.fc41
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
[SECURITY] Fedora 40 Update: mingw-expat-2.6.4-1.fc40
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
[SECURITY] Fedora 39 Update: mingw-expat-2.6.3-2.fc39
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
Moderate: expat security update
Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: DoS via XML_ResumeParser (CVE-2024-50602) For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References...
RHEL 8 : expat (RHSA-2024:9502)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:9502 advisory. Expat is a C library for parsing XML documents. Security Fixes: libexpat: expat: DoS via XML_ResumeParser (CVE-2024-50602) For more details about the...
RHEL 6 : openstack-nova (RHSA-2013:1199)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2013:1199 advisory. The openstack-nova packages provide OpenStack Compute (Nova), which provides services for provisioning, managing, and using virtual machine...
Exploit for CVE-2024-51132
CVE-2024-51132-POC Vulnerability Type XXE - XML Externa...
OESA-2024-2311 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser...
Security Bulletin: Apache Xerces vulnerability Affects IBM Jazz Reporting Service
Summary: Apache Xerces-J XML parser (XML4J) shipped with IBM Jazz Reporting Service is vulnerable to a denial of service attack that can be triggered by malformed XML data. Vulnerability Details: CVEID: CVE-2020-14338 DESCRIPTION: Wildfly could allow a remote attacker to bypass security restrictions,...
[SECURITY] Fedora 39 Update: expat-2.6.3-1.fc39
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...
[SECURITY] Fedora 41 Update: expat-2.6.3-1.fc41
This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parse...