CVE-2021-46143

Several vulnerabilities have been discovered in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed For the oldstable distribution (buster), these problems have been fixed in version 226-2+deb10u2 For the stable distribution (bullseye), the ...

In doProlog in xmlparsec in Expat (aka libexpat) before 243, an integer overflow exists for m_groupSize (CVE-2021-46143) addBinding in xmlparsec in Expat (aka libexpat) before 243 has an integer overflow (CVE-2022-22822) build_model in xmlparsec in Expat (aka libexpat) before 243 has an integer overflow (CVE-2022-22823) defineAttribute ...

In doProlog in xmlparsec in Expat (aka libexpat) before 243, an integer overflow exists for m_groupSize (CVE-2021-46143) addBinding in xmlparsec in Expat (aka libexpat) before 243 has an integer overflow (CVE-2022-22822) build_model in xmlparsec in Expat (aka libexpat) before 243 has an integer overflow (CVE-2022-22823) defineAttribute ...

Synopsis Important: expat security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for expat is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a secu ...

Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift GitOps 14OpenShift GitOps v144Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which ...

Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 12 (GitOps v123)Re ...

Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2451 security update Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat JBoss Core ServicesRed Hat Product Security ...

Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2451 security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat JBoss Core ServicesRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...

Synopsis Moderate: Migration Toolkit for Containers (MTC) 171 security and bug fix update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 171 is now availableRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base s ...

Synopsis Important: Red Hat OpenShift GitOps security update Type/Severity Security Advisory: Important Topic An update is now available for Red Hat OpenShift GitOps 13OpenShift GitOps v136 for OCP 47+Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base ...

Synopsis Low: Release of OpenShift Serverless Version 1220 Type/Severity Security Advisory: Low Topic OpenShift Serverless version 1220 contains a moderate security impactThe References section contains CVE links providing detailed severity ratings for each vulnerability Ratings are based on a Common Vulnerability Scoring System (CVSS) ...

Synopsis Moderate: Red Hat Advanced Cluster Management 243 security updates and bug fixes Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 243 General Availability release images This update provides security fixes, bug fixes, and updates the container imagesRed Hat Product Security has ...

Synopsis Moderate: Migration Toolkit for Containers (MTC) 154 security update Type/Severity Security Advisory: Moderate Topic The Migration Toolkit for Containers (MTC) 154 is now availableRed Hat Product Security has rated this update as having a security impactof Moderate A Common Vulnerability Scoring System (CVSS) base score, whichg ...

Synopsis Moderate: Red Hat Advanced Cluster Management 238 security and container updates Type/Severity Security Advisory: Moderate Topic Red Hat Advanced Cluster Management for Kubernetes 238 GeneralAvailability release images, which provide security and container updatesRed Hat Product Security has rated this update as having a securit ...

In doProlog in xmlparsec in Expat (aka libexpat) before 243, an integer overflow exists for m_groupSize ...

Nessus leverages third-party software to help provide underlying functionality One of the third-party components (Expat) was found to contain vulnerabilities, and an updated version has been made available by the provider Out of caution and in line with best practice, Tenable has opted to upgrade the Expat component to address the potential impa ...

In Expat (aka libexpat) before 243, a left shift by 29 (or more) places in the storeAtts function in xmlparsec can lead to realloc misbehavior (eg, allocating too few bytes, or only freeing memory) (CVE-2021-45960) In doProlog in xmlparsec in Expat (aka libexpat) before 243, an integer overflow exists for m_groupSize (CVE-2021-46143) addB ...

ALAS-2022-232 Amazon Linux 2022 Security Advisory: ALAS-2022-232 Advisory Release Date: 2022-12-06 16:43 Pacific ...