Astra Linux - уязвимость в firefox, thunderbird, expat, libxmltok

The addBinding method in xmlparse.c within Expat also known as libexpat has an integer overflow issue before version 2.4.3...

Astra Linux - уязвимость в firefox, expat, libxmltok, thunderbird

The libexpat library before version 2.4.9 has a use-after-free issue in the doContent function of the xmlparse.c file...

Astra Linux - уязвимость в firefox, thunderbird, expat

The defineAttribute function in xmlparse.c of Expat also known as libexpat has an integer overflow before version 2.4.3...

Astra Linux - уязвимость в firefox, thunderbird, expat

nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

Astra Linux - уязвимость в firefox, thunderbird, expat

The buildmodel function in xmlparse.c within ExPat also known as libexpat has an integer overflow issue before version 2.4.3...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017358)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017358 advisory. defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Uni...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017361)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017361 advisory. nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017360)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017360 advisory. In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. Tenable has extracted the preceding description block direct...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017354)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017354 advisory. storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Unity Lin...

Astra Linux - уязвимость в firefox, thunderbird, expat, libxmltok

storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

AIX (IJ57292)

The version of AIX installed on the remote host is prior to APAR IJ57292. It is, therefore, affected by a vulnerability as referenced in the IJ57292 advisory. - A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the doContent function in xmlparse.c. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers an integer overflow. Remediation...

MiracleLinux 8 : xmlrpc-c-1.51.0-8.el8 (AXSA:2022-4217:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4217:04 advisory. expat: Integer overflow in doProlog in xmlparse.c CVE-2021-46143 expat: Integer overflow in addBinding in xmlparse.c CVE-2022-22822 expat: Integer...

MiracleLinux 7 : expat-2.1.0-15.0.1.el7.AXS7 (AXSA:2024-8927:07)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8927:07 advisory. CVE-2024-45490: Reject negative length for XMLParseBuffer in xmlparse.c CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms...

MiracleLinux 8 : expat-2.2.5-4.el8.3 (AXSA:2022-3114:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3114:01 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 expat: Namespace-separator characters in...

MiracleLinux 8 : firefox-102.3.0-7.el8.ML.1 (AXSA:2022-3904:25)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3904:25 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : expat-2.2.10-12.el9.2 (AXSA:2022-4305:10)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4305:10 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : expat-2.1.0-15.el7 (AXSA:2022-3882:06)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3882:06 advisory. expat: a use-after-free in the doContent function in xmlparse.c CVE-2022-40674 Tenable has extracted the preceding description block directly from the...

expat: Integer overflow in addBinding in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...

expat: Integer overflow in doProlog in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...