USN-8313-1 xmlrpc-c vulnerabilities

It was discovered that Expat, vendored in XML-RPC, incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code...

MiracleLinux 8 : xmlrpc-c-1.51.0-5.el8.1 (AXSA:2022-3167:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3167:01 advisory. expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution CVE-2022-25235 Tenable has extracted the preceding description block...

MiracleLinux 8 : xmlrpc-c-1.51.0-9.el8_10 (AXSA:2024-8511:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8511:01 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 CVE-2023-52425 libexpat through 2.5.0 allows a denial of service resource...

MiracleLinux 8 : xmlrpc-c-1.51.0-10.el8_10 (AXSA:2024-8980:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8980:02 advisory. libexpat: Integer Overflow or Wraparound CVE-2024-45491 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

Advisory ROSA-SA-2025-3108

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 2.1 packageevrstring: xmlrpc-c-1.51.0-10.rv3 CVE-ID: CVE-2021-46143 BDU-ID: 2022-01052 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the doProlog function of the xmlparse.c file of the Expat library is related to integer overflow. Exploitation of t...

Advisory ROSA-SA-2025-2963

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 3.0 unaffected versions = xmlrpc-c-1.51.0-11.0.1.rv30 affected versions xmlrpc-c-1.51.0-11.0.1.rv30 CVE-ID: CVE-2024-8176 BDU-ID: 2025-04573 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to a...

Advisory ROSA-SA-2025-2958

Software: xmlrpc-c 1.51.0 OS: ROSA Virtualization 2.1 unaffected versions = xmlrpc-c-1.51.0-11.0.1.rv3 affected versions xmlrpc-c-1.51.0-11.0.1.rv3 CVE-ID: CVE-2024-8176 BDU-ID: 2025-04573 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the libexpat XML file parsing library is related to a stack-bas...

RockyLinux 8 : xmlrpc-c (RLSA-2025:4048)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:4048 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly from...

xmlrpc-c security update

An update is available for xmlrpc-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list XML-RPC is a remote procedure call RPC protocol that uses XML to encode its...

Fedora: Security Advisory (FEDORA-2025-a835dd04a0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Alibaba Cloud Linux 3 : 0240: xmlrpc-c (ALINUX3-SA-2024:0240)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0240 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-45491: An issue was discovered in libexpat...

Alibaba Cloud Linux 3 : 0057: xmlrpc-c (ALINUX3-SA-2025:0057)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0057 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-8176: A stack overflow vulnerability exist...

xmlrpc-c security and bug fix update

An update is available for xmlrpc-c. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list XML-RPC is a remote procedure call RPC protocol that uses XML to encode its...

RLSA-2024:4259 Moderate: xmlrpc-c security and bug fix update

XML-RPC is a remote procedure call RPC protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC remote procedure call over the Internet. It converts an RPC into an XML document,...

RockyLinux 8 : xmlrpc-c (RLSA-2024:4259)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:4259 advisory. expat: parsing large tokens can trigger a denial of service CVE-2023-52425 Tenable has extracted the preceding description block directly from the RockyLinux...

RHSA-2025:4449 Red Hat Security Advisory: xmlrpc-c security update

Bulletin has no description...

RHSA-2025:4447 Red Hat Security Advisory: xmlrpc-c security update

Bulletin has no description...

RHSA-2025:4448 Red Hat Security Advisory: xmlrpc-c security update

Bulletin has no description...

RHSA-2025:4446 Red Hat Security Advisory: xmlrpc-c security update

Bulletin has no description...

Moderate: Red Hat Security Advisory: xmlrpc-c security update

An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...