expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

Security Bulletin: IBM HTTP Server is vulnerable to arbitrary code execution due to Expat (CVE-2022-40674)

Summary IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to arbitrary code execution due to Expat. The Expat library is used by IBM HTTP Server's WebDAV moddav support, but may also be used by third-party Apache HTTP Server modules if they have been loaded into the server by...

Updated expat packages fix security vulnerability

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. CVE-2022-40674...

SUSE-SU-2022:3466-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c bsc1203438...

CLSA-2022-1664193203 Fixed CVE-2022-40674 in expat

CVE-2022-40674: Ensure raw tagnames are safe exiting internalEntityParser - fix tests leak - fix xmlparse leak...

Fixed CVE-2022-40674 in expat

CVE-2022-40674: Ensure raw tagnames are safe exiting internalEntityParser - fix tests leak - fix xmlparse leak...

CLSA-2022-1664192692 Fixed CVE-2022-40674 in expat

CVE-2022-40674: Ensure raw tagnames are safe exiting internalEntityParser - fix tests leak - fix xmlparse leak...

ALPINE-CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

libexpat 资源管理错误漏洞

libexpat is a streaming XML parser written in C. It has a vulnerability in its xmlparse.c component that stems from a post-release reuse of the doContent function. A security vulnerability exists in versions of libexpat prior to 2.4.9, which stems from post-release reuse of the doContent function...

CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c...

Security Bulletin: Expat vulnerabilities affect IBM Netezza Analytics for NPS

Summary IBM Netezza Analytics for NPS uses Expat version 2.2.0. IBM Netezza Analytics for NPS has addressed the applicable CVEs by upgrading Expat to version 2.4.7. Vulnerability Details CVEID: CVE-2022-23852 DESCRIPTION: Expat aka libexpat could allow a remote attacker to execute arbitrary code ...

expat: Integer overflow in doProlog in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

EulerOS Virtualization 2.9.0 : expat (EulerOS-SA-2022-1628)

According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-1502)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

expat: Integer overflow in addBinding in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...

expat: Integer overflow in storeAtts in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

expat: Integer overflow in build_model in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

expat: Integer overflow in addBinding in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability confidentiality a...

expat: Integer overflow in build_model in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...