163 matches found
OESA-2022-1932 expat security update
Security Fixes: libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674...
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
...
Use-After-Free
libexpat.so is vulnerable to use-after-free. The vulnerability is possible because the raw names will be pointing into the stored entity value instead of the parse buffer in the doContent function of xmlparse.c, which doesn't release the consumed memory...
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
DEBIAN-CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
AZL-10921 CVE-2022-40674 affecting package expat for versions less than 2.4.8-2
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
Design/Logic Flaw
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
UBUNTU-CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
CVE-2022-40674
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...
ASB-A-219942275
In storeAtts of xmlparse.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
EulerOS 2.0 SP9 : expat (EulerOS-SA-2022-1837)
According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a...
EulerOS 2.0 SP10 : expat (EulerOS-SA-2022-1803)
According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a...
expat: Integer overflow in nextScaffoldPart in xmlparse.c
expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in addBinding in xmlparse.c
expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality a...
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-1342)
The remote host is missing an update for the Huawei EulerOS...
Oracle Linux 7 : expat (ELSA-2022-1069)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1069 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990 Orabug: 33910302 - CVE-2022-25236 expat: namespace-separator characters in 'xmlns:prefix'...
expat: Integer overflow in build_model in xmlparse.c
expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in lookup in xmlparse.c
expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...
expat: Integer overflow in nextScaffoldPart in xmlparse.c
expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...