Unity Linux 20.1070e Security Update: expat (UTSA-2026-017378)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017378 advisory. xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

Rocky Linux 8 : xmlrpc-c (RLSA-2022:1643)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1643 advisory. - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain contex...

EulerOS Virtualization 3.0.2.0 : expat (EulerOS-SA-2023-1707)

According to the versions of the expat packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character...

EulerOS 2.0 SP9 : expat (EulerOS-SA-2022-1837)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a...

EulerOS 2.0 SP10 : expat (EulerOS-SA-2022-1803)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a...

Oracle Linux 8 : xmlrpc-c (ELSA-2022-1643)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1643 advisory. 1.51.0-5.1 - Add missing validation of encoding CVE-2022-25235 2058114 Tenable has extracted the preceding description block directly from the Oracle Linux...

Oracle Linux 7 : expat (ELSA-2022-1069)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1069 advisory. - lib: Prevent integer overflow in doProlog CVE-2022-23990Orabug: 33910302 - CVE-2022-25236 expat: namespace-separator characters in 'xmlns:prefix'...

Oracle Linux 8 : expat (ELSA-2022-0951)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-0951 advisory. - Improve fix for CVE-2022-25236 - Related: CVE-2022-25236 - Resolves: CVE-2022-25236 - Resolves: CVE-2022-25235 - Resolves: CVE-2022-25315 -...

Amazon Linux 2 : expat (ALAS-2022-1764)

The version of expat installed on the remote host is prior to 2.1.0-12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1764 advisory. A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences for example, from start tag names to the XML...

Amazon Linux AMI : expat (ALAS-2022-1573)

The version of expat installed on the remote host is prior to 2.1.0-12.27. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1573 advisory. A flaw was found in expat. Passing malformed 2- and 3-byte UTF-8 sequences for example, from start tag names to the XML...

SUSE SLES12 Security Update : expat (SUSE-SU-2022:0698-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0698-1 advisory. - xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 characte...

Expat has an unspecified vulnerability (CNVD-2022-18356)

Expat is a fast streaming XML parser written in C. A security vulnerability exists in Expat prior to 2.4.5, which stems from a lack of certain encoding validations in xmltokimpl.c. No detailed vulnerability details are currently available...

Cross-Site Scripting (XSS)

libexpat.so is vulnerable to cross-site scripting. The vulnerability exists in CHECKNAMECASE and CHECKNMSTRTCASES functions of xmltokimpl.c because the conditions are not properly validated which allows an attacker to inject and execute javascript...

CVE-2022-25235

xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

CVE-2022-25235

xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

CVE-2022-25235

xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

CVE-2022-25235

xmltokimpl.c in Expat aka libexpat before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context...

Mandriva Update for davfs MDVSA-2009:220-1 (davfs)

Check for the Version of davfs OpenVAS Vulnerability Test Mandriva Update for davfs MDVSA-2009:220-1 davfs Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Mandriva Security Advisory MDVSA-2009:212-1 (python)

The remote host is missing an update to python announced via advisory MDVSA-2009:212-1. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

Mandriva Security Advisory MDVSA-2009:212-1 (python)

The remote host is missing an update to python announced via advisory MDVSA-2009:212-1. OpenVAS Vulnerability Test $Id: mdksa20092121.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:212-1 python Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...