Debian Bug report logs -
#1003474
expat: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827
Package:
src:expat;
Maintainer for src:expat is Laszlo Boszormenyi (GCS) <gcs@debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 10 Jan 2022 20:09:02 UTC
Severi ...
Several vulnerabilities have been discovered in Expat, an XML parsing C
library, which could result in denial of service or potentially the
execution of arbitrary code, if a malformed XML file is processed.
For the oldstable distribution (buster), these problems have been fixed
in version 2.2.6-2+deb10u2.
For the stable distribution (bullseye), the ...
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize (CVE-2021-46143).
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow (CVE-2022-22822).
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow (CVE-2022-22823).
defineAttribute ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a secu ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift GitOps 1.4. OpenShift GitOps v1.4.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update for openshift-gitops-applicationset-container, openshift-gitops-container, openshift-gitops-kam-delivery-container, and openshift-gitops-operator-container is now available for Red Hat OpenShift GitOps 1.2 (GitOps v1.2.3). Re ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 1.7.1 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 1.7.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Important: Red Hat OpenShift GitOps security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift GitOps 1.3. OpenShift GitOps v1.3.6 for OCP 4.7+. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Low: Release of OpenShift Serverless Version 1.22.0
Type/Severity
Security Advisory: Low
Topic
OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2.4.3 security updates and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.4.3 General Availability release images. This update provides security fixes, bug fixes, and updates the container images. Red Hat Product Security has ...
Synopsis
Moderate: Migration Toolkit for Containers (MTC) 1.5.4 security update
Type/Severity
Security Advisory: Moderate
Topic
The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which g ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2.3.8 security and container updates
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.3.8 General Availability release images, which provide security and container updates. Red Hat Product Security has rated this update as having a securit ...
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow ...
Nessus leverages third-party software to help provide underlying functionality. One of the third-party components (Expat) was found to contain vulnerabilities, and an updated version has been made available by the provider.
Out of caution and in line with best practice, Tenable has opted to upgrade the Expat component to address the potential impa ...
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory) (CVE-2021-45960).
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize (CVE-2021-46143).
addB ...
ALAS-2022-232
Amazon Linux 2022 Security Advisory: ALAS-2022-232
Advisory Release Date: 2022-12-06 16:43 Pacific
...