SUSE: Security Advisory (SUSE-SU-2022:14878-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

libexpat.so is vulnerable to denial of service. The vulnerability exists due to the integer overflow in the XMLGetBuffer function of xmlparse.c. as it does not properly check INTMAX byte length against the XMLCONTEXTBYTES, allowing an attacker to cause an application crash through the configurati...

Denial Of Service (DoS)

expat is vulnerable to denial-of-service. The vulnerability exists in storeAtts function in xmlparse.c may lead to realloc misbehavior, allowing a malicious user to cause an application crash...

OESA-2022-1490 expat security update

An XML parser library. Security Fixes: In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory.CVE-2021-45960 lookup in xmlparse.c in Expat aka libexpat...

addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

Expat build_model function buffer overflow vulnerability

Expat is a fast streaming XML parser written in C. A buffer overflow vulnerability exists in versions of Expat prior to 2.4.3, which stems from a boundary error in buildmodel in xmlparse.c when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary code ...

Integer Overflow

libexpat.so is vulnerable to denial of serviceDOS attacks. The vulnerability exists due to the integer overflow in the addBinding of xmlparse.c, allowing an attacker to cause an application crash...

Integer Overflow

libexpat.so is vulnerable to Integer Overflow. The vulnerability exists because the defineAttribute function of xmlparse.c doesn't check the input length which allows an attacker to leverage an overflow causing an application crash...

Integer Overflow

libexpat.so is vulnerable to Integer Overflow. The vulnerability exists in the nextScaffoldPart function in the xmlparse.c' file, allowing an attacker to cause an application crash...

Denial Of Service (DoS)

libexpat.so is vulnerable to denial of service. The vulnerability exists due to the integer overflow in the lookup of xmlparse.c, allowing an attacker to cause an application crash...

Denial Of Service (DoS)

libexpat.so is vulnerable to denial of service. The vulnerability exists due to the integer overflow in the buildmodel of xmlparse.c, allowing an attacker to cause an application crash...

ALPINE-CVE-2022-22827

storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

DEBIAN-CVE-2022-22826

nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

AZL-7161 CVE-2022-22827 affecting package expat for versions less than 2.4.3-1

storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

CVE-2022-22827

storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

CVE-2022-22826

nextScaffoldPart in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

CVE-2022-22827

storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

DEBIAN-CVE-2022-22824

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

DEBIAN-CVE-2022-22822

addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...