Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2026-1611)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1611 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an XML file it is possible that a...

AZL-7155 CVE-2021-46143 affecting package expat for versions less than 2.4.3-1

In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize...

PT-2021-6877 · Php +9 · Php +9

Name of the Vulnerable Software and Affected Versions: PHP versions 7.3.x through 7.3.32 PHP versions 7.4.x through 7.4.25 PHP versions 8.0.x through 8.0.12 Description: The issue is related to certain XML parsing functions in PHP, such as simplexml load file, which URL-decode the filename passed...

UBUNTU-CVE-2016-1837

Multiple use-after-free vulnerabilities in the 1 htmlPArsePubidLiteral and 2 htmlParseSystemiteral functions in libxml2 before 2.9.4, as used in Apple iOS before 9.3.2, OS X before 10.11.5, tvOS before 9.2.1, and watchOS before 2.2.1, allow remote attackers to cause a denial of service via a...

Oracle: Security Advisory (ELSA-2014-1319)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 / 7 : xerces-j2 (ELSA-2014-1319)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2014-1319 advisory. 2.11.0-17 - Fix XML parsing bug JAXP, 8017298 - Resolves: CVE-2013-4002 Tenable has extracted the preceding description block directly from the Oracle Linux...

xerces-j2 security update

2.11.0-17 - Fix XML parsing bug JAXP, 8017298 - Resolves: CVE-2013-4002...