Download
| Alert*
oval:org.secpod.oval:def:85591
Mozilla Firefox 107 : A flaw in XML parsing could have led to a use-after-free causing a potentially exploitable crash. oval:org.secpod.oval:def:2600015 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. oval:org.secpod.oval:def:507188 Expat is a C library for parsing XML documents. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referenc ... oval:org.secpod.oval:def:2600097 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:5800061 Expat is a C library for parsing XML documents. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referenc ... oval:org.secpod.oval:def:4501121 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and oth ... oval:org.secpod.oval:def:610167 Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed. oval:org.secpod.oval:def:205984 Security Fix: expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:85589 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-47 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:1701062 A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XML_ResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags, th ... oval:org.secpod.oval:def:4500949 Expat is a C library for parsing XML documents. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referenc ... oval:org.secpod.oval:def:2501066 Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. oval:org.secpod.oval:def:507192 Expat is a C library for parsing XML documents. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referenc ... oval:org.secpod.oval:def:507190 Expat is a C library for parsing XML documents. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referenc ... oval:org.secpod.oval:def:507196 Expat is a C library for parsing XML documents. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referenc ... oval:org.secpod.oval:def:3300832 SUSE Security Update: Security update for expat oval:org.secpod.oval:def:1506072 [102.3.0-7.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.3.0-7] - Fix for expat CVE-2022-40674 and non functional webrtc oval:org.secpod.oval:def:1506194 [102.5.0-2.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [102.5.0-2] - Update to 102.5.0 build2 [102.5.0-1] - Update to 102.5.0 build1 [102.4.0-1] - Update to 102.4.0 build1 [102.3.0-4] - Fix for expat CVE-2022-40674 oval:org.secpod.oval:def:1506195 [102.5.0-1.0.1] - Updated homepages to use https [Orabug: 34648274] [102.5.0-1] - Update to 102.5.0 build1 [102.4.0-1] - Update to 102.4.0 build1 [102.3.0-7] - Fix for expat CVE-2022-40674 and non functional webrtc oval:org.secpod.oval:def:1601601 A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XML_ResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags, th ... oval:org.secpod.oval:def:1506075 [102.3.0-4.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [102.3.0-4] - Fix for expat CVE-2022-40674 oval:org.secpod.oval:def:1506070 [102.3.0-4.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [102.3.0-4] - Fix for expat CVE-2022-40674 oval:org.secpod.oval:def:1506071 [102.3.0-7.0.1] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.3.0-7] - Fix for expat CVE-2022-40674 and non functional webrtc oval:org.secpod.oval:def:124305 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:1506112 [102.3.0-4.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build [102.3.0-4] - Fix for expat CVE-2022-40674 [102.3.0-3] - Update to 102.3.0 build1 oval:org.secpod.oval:def:89047036 This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c . oval:org.secpod.oval:def:88406 Rhodri James discovered a heap use-after-free vulnerability in the doContent function in Expat, an XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code, if a malformed XML file is processed. oval:org.secpod.oval:def:88601 expat: XML parsing C library Details: USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Linux Mint 19.x LTS, Linux Mint 20.x LTS and Linux Mint 21.x LTS. Original advisory Expat could be made to crash or execute arbitrary code. oval:org.secpod.oval:def:1506119 [102.3.0-7.0.1] - Remove upstream references [Orabug: 30143292] - Update distribution for Oracle Linux [Orabug: 30143292] - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.3.0-7] - Fix for expat CVE-2022-40674 and non functional webrtc oval:org.secpod.oval:def:707811 expat: XML parsing C library Details: USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Original advisory Expat could be made to crash or execute arbitrary code. oval:org.secpod.oval:def:507204 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and oth ... oval:org.secpod.oval:def:507203 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and oth ... oval:org.secpod.oval:def:4501100 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including t ... oval:org.secpod.oval:def:89047739 This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c . oval:org.secpod.oval:def:507201 Expat is a C library for parsing XML documents. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the Referenc ... oval:org.secpod.oval:def:507208 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and oth ... oval:org.secpod.oval:def:507207 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including t ... oval:org.secpod.oval:def:507206 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including t ... oval:org.secpod.oval:def:1506049 [2.1.0-15.0.1] - lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910302] [2.1.0-15] - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674 oval:org.secpod.oval:def:507205 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Security Fix: * expat: a use-after-free in the doContent function in xmlparse.c For more details about the security issue, including t ... oval:org.secpod.oval:def:1506121 [1.95.8-8.0.1] - Ensure raw tagnames are safe exiting internalEntityParser [CVE-2022-40674][Orabug: 34708578] oval:org.secpod.oval:def:1506122 [2.0.1-13.0.2] - Ensure raw tagnames are safe exiting internalEntityParser [CVE-2022-40674][Orabug: 34694174] oval:org.secpod.oval:def:2500799 Expat is a C library for parsing XML documents. oval:org.secpod.oval:def:1701088 A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when receiving an HTML email that contained an iframe element, which used a srcdoc attribute to define the internal HTML document, remote objects specified in the nested document , were not blocked. Rather, ... oval:org.secpod.oval:def:2500815 Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. oval:org.secpod.oval:def:2500814 Mozilla Thunderbird is a standalone mail and newsgroup client. oval:org.secpod.oval:def:124281 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:2600043 Expat is a C library for parsing XML documents. oval:org.secpod.oval:def:1506053 [ 2.2.10-12.3] - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674 oval:org.secpod.oval:def:1506059 [2.2.5-8.0.1.3] - lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314] [2.2.5-8.3] - Ensure raw tagnames are safe exiting internalEntityParser - Resolves: CVE-2022-40674 oval:org.secpod.oval:def:2107839 Oracle Solaris 11 - ( CVE-2022-40674 ) oval:org.secpod.oval:def:89047058 This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c . oval:org.secpod.oval:def:707805 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:124362 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:124361 This is expat, the C library for parsing XML, written by James Clark. Expat is a stream oriented XML parser. This means that you register handlers with the parser prior to starting the parse. These handlers are called when the parser discovers the associated structures in the document being parsed. ... oval:org.secpod.oval:def:1506216 [102.5.0-1.0.1] - Updated homepages to use https [Orabug: 34648274] - Removed Upstream references - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file [102.5.0-1] - Update to 102.5.0 build1 [102.4.0-1] - Update to 102.4.0 build1 [102.3.0-7] - Fix for expat CVE-2022-40674 a ... oval:org.secpod.oval:def:86522 firefox: Mozilla Open Source web browser Several security issues were fixed in Firefox. oval:org.secpod.oval:def:97679 [CLSA-2022:1664193203] Fixed CVE-2022-40674 in expat oval:org.secpod.oval:def:1701727 A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XML_ResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags, th ... oval:org.secpod.oval:def:85567 The host is missing a high severity security update according to the Mozilla advisory MFSA2022-47 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle unspecified vectors. Successful exploitation allows an attacker to have unspecified imp ... oval:org.secpod.oval:def:85569 Mozilla Firefox 107 : A flaw in XML parsing could have led to a use-after-free causing a potentially exploitable crash. oval:org.secpod.oval:def:19500049 In Expat before 2.4.3, a left shift by 29 places in the storeAtts function in xmlparse.c can lead to realloc misbehavior . In doProlog in xmlparse.c in Expat before 2.4.3, an integer overflow exists for m_groupSize. addBinding in xmlparse.c in Expat before 2.4.3 has an integer overflow. build_mo ... oval:org.secpod.oval:def:86654 The host is missing a patch containing a security fixes, which affects the following package(s): Python |