Lucene search

47 matches found

Tenable Nessus
added 2022/02/22 12:0 a.m., 41 views

openSUSE 15 Security Update : expat (openSUSE-SU-2022:0498-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0498-1 advisory. - Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8, AI score 7.5, EPSS 0.037
Exploits 0, References 7

Tenable Nessus
added 2022/02/19 12:0 a.m., 47 views

SUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2022:0498-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0498-1 advisory. - Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero...

CVSS 9.8, AI score 7.5, EPSS 0.037
Exploits 0, References 7

Tenable Nessus
added 2022/02/19 12:0 a.m., 52 views

SUSE SLES12 Security Update : expat (SUSE-SU-2022:0495-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0495-1 advisory. - Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8, AI score 7.5, EPSS 0.037
Exploits 0, References 7

OPENSUSE Linux
added 2022/02/18 12:0 a.m., 47 views

Security update for expat (important)

openSUSE Security Update: Security update for expat Announcement ID: openSUSE-SU-2022:0498-1 Rating: important References: 1195054 1195217 Cross-References: CVE-2022-23852 CVE-2022-23990 CVSS scores: CVE-2022-23852 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2022-23852 SUSE: 8.1...

CVSS 8.1, AI score 7, EPSS 0.037
Exploits 0, References 2

Tenable Nessus
added 2022/02/13 12:0 a.m., 79 views

Debian DSA-5073-1 : expat - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5073 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g.,...

CVSS 9.8, AI score 7.5, EPSS 0.04193
Exploits 3, References 25

Tenable Nessus
added 2022/02/10 12:0 a.m., 32 views

SUSE SLES11 Security Update : expat (SUSE-SU-2022:14884-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14884-1 advisory. - Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8, AI score 7.5, EPSS 0.037
Exploits 0, References 7

OpenVAS
added 2022/02/10 12:0 a.m., 17 views

SUSE: Security Advisory (SUSE-SU-2022:14884-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8, AI score 8.3, EPSS 0.037
Exploits 0, References 5

OSV
added 2022/02/09 2:51 p.m., 7 views

SUSE-SU-2022:14884-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer (bsc#1195054). - CVE-2022-23990: Fixed integer overflow in the doProlog function (bsc#1195217)...

CVSS 9.8, AI score 8.8, EPSS 0.037
Exploits 0, References 5

OSV
added 2022/02/03 8:29 p.m., 7 views

MGASA-2022-0048 Updated expat packages fix security vulnerability

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES (CVE-2022-23852). Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function (CVE-2022-23990)...

CVSS 9.8, AI score 8.7, EPSS 0.037
Exploits 0, References 3

Veracode
added 2022/01/25 3:40 a.m., 30 views

Denial Of Service (DoS)

libexpat.so is vulnerable to denial of service. The vulnerability exists due to the integer overflow in the XML_GetBuffer function of xmlparse.c, as it does not properly check INT_MAX byte length against the XML_CONTEXT_BYTES, allowing an attacker to cause an application crash through the configurati...

CVSS 9.8, AI score 3.6, EPSS 0.01618
Exploits 0, References 9, Affected Software 23

NVD
added 2022/01/24 2:15 a.m., 22 views

CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8, EPSS 0.01618
Exploits 0, References 8

Prion
added 2022/01/24 2:15 a.m., 32 views

Integer overflow

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 7.5, AI score 9.6, EPSS 0.01618
Exploits 0, References 8, Affected Software 5

UbuntuCve
added 2022/01/24 2:15 a.m., 87 views

CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8, AI score 6.9, EPSS 0.01618
Exploits 0, References 3

AlpineLinux
added 2022/01/24 1:6 a.m., 40 views

CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8, AI score 10, EPSS 0.01618
Exploits 0

Cvelist
added 2022/01/24 1:6 a.m., 18 views

CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

AI score 9.9, EPSS 0.01618
Exploits 0, References 8

Vulnrichment
added 2022/01/24 1:6 a.m., 5 views

CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

AI score 9.8, EPSS 0.01618
Exploits 0, References 8

Debian CVE
added 2022/01/24 1:6 a.m., 37 views

CVE-2022-23852

Expat aka libexpat before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8, AI score 8.6, EPSS 0.01618
Exploits 0

IBM Security Bulletins
added 2018/06/18 1:30 a.m., 26 views

Security Bulletin: IBM Flex System Manager (FSM) is affected by multiple vulnerabilities from Apache HTTP server (CVE-2015-1283, CVE-2015-3183)

Summary Multiple security vulnerabilities have been discovered in the Apache HTTP server that is embedded in the IBM FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2015-1283 DESCRIPTION: Multiple integer overflows in the XML_GetBuffer function in Expat through...

CVSS 7.5, AI score 1.2, EPSS 0.24118
Exploits 0, Affected Software 1

IBM Security Bulletins
added 2018/06/17 3:10 p.m., 34 views

Security Bulletin: A security vulnerability has been identified in WebSphere Application Server shipped with IBM Tivoli System Automation for Multiplatforms (CVE-2015-1283)

Summary WebSphere Application Server is shipped as a component of IBM Tivoli System Automation for Multiplatforms. Information about a security vulnerability affecting WebSphere Application Server has been published in a security bulletin. Vulnerability Details CVEID: CVE-2015-1283 DESCRIPTION:...

CVSS 7.5, AI score 0.9, EPSS 0.05614
Exploits 0, Affected Software 1

Veracode
added 2017/03/27 5:30 a.m., 32 views

Denial Of Service (DoS)

expat is vulnerable to denial of service (DoS) attacks, with the possibility of other attacks. The vulnerability exists because there are multiple integer overflows in the XML_GetBuffer function that leads to a heap-based buffer overflow which may lead to further unspecified impact. CVE-2016-4472 is...

CVSS 8.1, AI score 9.1, EPSS 0.05614
Exploits 0, References 7, Affected Software 1