Download
| Alert*
|
oval:org.secpod.oval:def:78381
Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed. oval:org.secpod.oval:def:605886 Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed. oval:org.secpod.oval:def:1700851 expat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and inte ... oval:org.secpod.oval:def:89045983 This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function . oval:org.secpod.oval:def:89047489 This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function . oval:org.secpod.oval:def:1601517 expat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability, confidentiality and inte ... oval:org.secpod.oval:def:89046084 This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function . oval:org.secpod.oval:def:89046041 This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XML_GetBuffer . - CVE-2022-23990: Fixed integer overflow in the doProlog function . oval:org.secpod.oval:def:78540 Expat is a C library for parsing XML documents. Security Fix: * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution * expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution * expat: Integer overflow in storeRawN ... oval:org.secpod.oval:def:78343 Expat is a C library for parsing XML documents. Security Fix: * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution * expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution * expat: Integer overflow in storeRawN ... oval:org.secpod.oval:def:19500049 In Expat before 2.4.3, a left shift by 29 places in the storeAtts function in xmlparse.c can lead to realloc misbehavior . In doProlog in xmlparse.c in Expat before 2.4.3, an integer overflow exists for m_groupSize. addBinding in xmlparse.c in Expat before 2.4.3 has an integer overflow. build_mo ... oval:org.secpod.oval:def:506735 Expat is a C library for parsing XML documents. Security Fix: * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution * expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution * expat: Integer overflow in storeRawN ... oval:org.secpod.oval:def:78417 expat: XML parsing C library Several security issues were fixed in Expat. oval:org.secpod.oval:def:86653 The host is missing a patch containing a security fixes, which affects the following package(s): Python oval:org.secpod.oval:def:1505518 [2.1.0-14.0.1] - lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910302] [2.1.0-14] - Fix multiple CVEs - CVE-2022-25236 expat: namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution - CVE-2022-25235 expat: malformed 2- and 3-byte ... oval:org.secpod.oval:def:4500908 Expat is a C library for parsing XML documents. Security Fix: * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution * expat: Namespace-separator characters in "xmlns[:prefix]" attribute values can lead to arbitrary code execution * expat: Integer overflow in storeRa ... oval:org.secpod.oval:def:2500713 Expat is a C library for parsing XML documents. oval:org.secpod.oval:def:97671 [CLSA-2022:1660762248] Fixed 13 CVEs in expat oval:org.secpod.oval:def:506805 Expat is a C library for parsing XML documents. Security Fix: * expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution * expat: Namespace-separator characters in xmlns[:prefix] attribute values can lead to arbitrary code execution * expat: Integer overflow in storeRawN ... oval:org.secpod.oval:def:2107539 Oracle Solaris 11 - ( CVE-2022-23852 ) oval:org.secpod.oval:def:1505501 [2.2.5-4.3] - Improve fix for CVE-2022-25236 - Related: CVE-2022-25236 [2.2.5-4.2] - Fix multiple CVEs - Resolves: CVE-2022-25236 - Resolves: CVE-2022-25235 - Resolves: CVE-2022-25315 [2.2.5-4.1] - Fix multiple CVEs - CVE-2022-23852 expat: integer overflow in function XML_GetBuffer - CVE-2021-45960 ... oval:org.secpod.oval:def:706318 expat: XML parsing C library Several security issues were fixed in Expat. |
