Debian Bug report logs - #1019761
expat: CVE-2022-40674
Package: src:expat;
Maintainer for src:expat is Laszlo Boszormenyi (GCS) <gcs@debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 14 Sep 2022 19:51:02 UTC
Severity: important
Tags: security, upstream
Found in version expat/2.4.8-1
F ...
Several security issues were fixed in Firefox ...
Rhodri James discovered a heap use-after-free vulnerability in the
doContent function in Expat, an XML parsing C library, which could
result in denial of service or potentially the execution of arbitrary
code, if a malformed XML file is processed.
For the stable distribution (bullseye), this problem has been fixed in
version 2.2.10-2+deb11u4.
We re ...
A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XML_ResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags, this will return without calling storeRawNames to en ...
Mozilla Foundation Security Advisory 2022-47
Security Vulnerabilities fixed in Firefox 107
Announced
November 15, 2022
Impact
high
Products
Firefox
Fixed in
Firefox 107
...
Description
The MITRE CVE dictionary describes this issue as:
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c ...
Severity
Unknown
Remote
Unknown
Type
Unknown
Description
AVG-2815
expat
2.4.8-1
2.4.9-1
Unknown
Fixed
github.com/libexpat/libexpat/pull/629
github.com/libexpat/libexpat/pull/640
github ...
Synopsis
Important: OpenShift Container Platform 4.11.12 security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impac ...
Synopsis
Important: compat-expat1 security update
Type/Severity
Security Advisory: Important
Topic
An update for compat-expat1 is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Secu ...
Synopsis
Important: mingw-expat security update
Type/Severity
Security Advisory: Important
Topic
An update for mingw-expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as h ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as h ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as h ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security ha ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a secu ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated t ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security ...
Synopsis
Important: firefox security update
Type/Severity
Security Advisory: Important
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: Service Telemetry Framework 1.5.2 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Service Telemetry Framework 1.5.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a secu ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 1.0.5 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 1.0.5 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as h ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security ...
Synopsis
Moderate: Openshift Logging 5.3.13 security and bug fix release
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed se ...
Synopsis
Important: firefox security update
Type/Severity
Security Advisory: Important
Topic
An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Mo ...
Synopsis
Moderate: Logging Subsystem 5.5.4 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
Logging Subsystem 5.5.4 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severi ...
Synopsis
Important: thunderbird security update
Type/Severity
Security Advisory: Important
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product ...
Synopsis
Important: firefox security update
Type/Severity
Security Advisory: Important
Topic
An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a ...
Synopsis
Important: firefox security update
Type/Severity
Security Advisory: Important
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Securit ...
Synopsis
Important: firefox security update
Type/Severity
Security Advisory: Important
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rate ...
Synopsis
Important: firefox security update
Type/Severity
Security Advisory: Important
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rate ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a secu ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated th ...
Synopsis
Important: expat security update
Type/Severity
Security Advisory: Important
Topic
An update for expat is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated th ...
Synopsis
Important: Red Hat Virtualization Host security update [ovirt-4.5.3-1]
Type/Severity
Security Advisory: Important
Topic
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virt ...
Synopsis
Important: OpenShift Container Platform 4.9.50 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4.9.50 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Co ...
Synopsis
Moderate: OpenShift API for Data Protection (OADP) 1.1.1 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift API for Data Protection (OADP) 1.1.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base s ...
Synopsis
Important: OpenShift Virtualization 4.9.7 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4.9.7 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: Logging Subsystem 5.4.8 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Moderate
Topic
An update is now available for Logging subsystem for Red Hat OpenShift 5.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base scor ...
Synopsis
Important: OpenShift Container Platform 4.11.45 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift ...
Synopsis
Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP1 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base sco ...
Synopsis
Important: OpenShift Virtualization 4.12.0 Images security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis
Moderate: OpenShift sandboxed containers 1.3.1 security fix and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
OpenShift sandboxed containers 1.3.1 is now available.
Description
OpenShift sandboxed containers support for OpenShift Container Platform provides users with built-in support for running Kata containe ...
Synopsis
Moderate: OpenShift Virtualization 4.11.1 security and bug fix update
Type/Severity
Security Advisory: Moderate
Topic
Red Hat OpenShift Virtualization release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impac ...
Synopsis
Moderate: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes
Type/Severity
Security Advisory: Moderate
Topic
Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security i ...
ALAS-2022-259
Amazon Linux 2022 Security Advisory: ALAS-2022-259
Advisory Release Date: 2022-12-06 16:45 Pacific
...