Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cloudfoundryCloud FoundryCFOUNDRY:21BFDCCE9261A7005B811F988D3B9279
HistoryJul 13, 2016 - 12:00 a.m.

USN-3010-1 Expat vulnerabilities | Cloud Foundry

2016-07-1300:00:00
Cloud Foundry
www.cloudfoundry.org
22

0.007 Low

EPSS

Percentile

81.0%

JSON

USN-3010-1 Expat vulnerabilities

Medium

Vendor

expat – XML parsing C library, Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 14.04 LTS

Description

It was discovered that Expat unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. (CVE-2012-6702)

It was discovered that Expat incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-5300)

Affected Products and Versions

_Severity is medium unless otherwise noted.
_

  • All versions of Cloud Foundry cflinuxfs2 prior to v.1.67.0

Mitigation

Users are strongly encouraged to follow the mitigation below:

  • The Cloud Foundry project recommends that Cloud Foundry deployments run with cflinuxfs2 v.1.67.0 or later versions

References

Related

openvas 25
ibm 12
nessus 32
ubuntu 2
osv 4
ubuntucve 2
debian 3
mageia 1
archlinux 2
freebsd 2
fedora 3
f5 4
debiancve 2
cve 2
cvelist 2
nvd 2
prion 2
alpinelinux 2
veracode 2
slackware 2
gentoo 1
redhatcve 1
apple 4
suse 3
androidsecurity 1
oracle 2
openvas
openvas
Ubuntu: Security Advisory (USN-3010-1)
2016-06-21 00:00:00
Debian: Security Advisory (DSA-3597-1)
2016-06-06 00:00:00
Debian: Security Advisory (DLA-508-1)
2023-03-08 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Expat affect Intel (R) Manycore Platform Software Stack (MPSS) for Linux and Windows
2019-01-31 02:25:02
Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in expat (CVE-2012-6702 CVE-2016-5300).
2019-01-31 02:25:02
Security Bulletin: Security vulnerabilities have been identified in IBM Tivoli Monitoring shipped with IBM Cloud Orchestrator Enterprise (CVE-2012-6702, CVE-2016-5300)
2018-06-17 22:33:28
nessus
nessus
Ubuntu 14.04 LTS / 16.04 LTS : Expat vulnerabilities (USN-3010-1)
2016-06-21 00:00:00
Debian DSA-3597-1 : expat - security update
2016-06-08 00:00:00
FreeBSD : expat -- multiple vulnerabilities (c9c252f5-2def-11e6-ae88-002590263bf5)
2016-06-09 00:00:00
ubuntu
ubuntu
Expat vulnerabilities
2016-06-20 00:00:00
XML-RPC for C and C++ vulnerabilities
2016-06-20 00:00:00
osv
osv
expat - security update
2016-06-08 00:00:00
expat - security update
2016-06-07 00:00:00
CVE-2012-6702
2016-06-16 18:59:00
ubuntucve
ubuntucve
CVE-2016-5300
2016-06-06 00:00:00
CVE-2012-6702
2012-12-31 00:00:00
debian
debian
[SECURITY] [DSA 3597-1] expat security update
2016-06-07 16:44:57
[SECURITY] [DLA 508-1] expat security update
2016-06-08 09:29:13
[SECURITY] [DSA 3597-1] expat security update
2016-06-07 16:44:57
mageia
mageia
Updated expat packages fix security vulnerabilities
2016-06-17 08:58:14
archlinux
archlinux
expat: multiple issues
2016-06-13 00:00:00
lib32-expat: multiple issues
2016-06-13 00:00:00
freebsd
freebsd
expat -- multiple vulnerabilities
2016-03-18 00:00:00
Python 2.7 -- multiple vulnerabilities
2017-08-26 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: expat-2.1.1-2.fc24
2016-06-21 19:27:49
[SECURITY] Fedora 23 Update: expat-2.1.1-2.fc23
2016-06-19 07:27:54
[SECURITY] Fedora 22 Update: expat-2.1.1-2.fc22
2016-07-12 02:27:38
f5
f5
SOL65460334 - Expat XML parser vulnerability CVE-2012-6702
2016-09-06 00:00:00
K65460334 : Expat XML parser vulnerability CVE-2012-6702
2016-09-06 00:00:00
K70938105 : Expat XML library vulnerability CVE-2016-5300
2016-10-26 00:00:00
debiancve
debiancve
CVE-2012-6702
2016-06-16 18:59:00
CVE-2016-5300
2016-06-16 18:59:10
cve
cve
CVE-2012-6702
2016-06-16 18:59:00
CVE-2016-5300
2016-06-16 18:59:10
cvelist
cvelist
CVE-2012-6702
2016-06-16 18:00:00
CVE-2016-5300
2016-06-16 18:00:00
nvd
nvd
CVE-2012-6702
2016-06-16 18:59:00
CVE-2016-5300
2016-06-16 18:59:10
prion
prion
Design/Logic Flaw
2016-06-16 18:59:00
Code injection
2016-06-16 18:59:00
alpinelinux
alpinelinux
CVE-2012-6702
2016-06-16 18:59:00
CVE-2016-5300
2016-06-16 18:59:10
veracode
veracode
Weak Cryptographic Protection
2016-06-08 07:23:46
Denial Of Service (DoS)
2017-02-01 06:06:40
slackware
slackware
[slackware-security] expat
2016-12-24 19:24:21
[slackware-security] python
2018-05-04 20:53:50
gentoo
gentoo
Expat: Multiple vulnerabilities
2017-01-11 00:00:00
redhatcve
redhatcve
CVE-2016-5300
2016-06-06 13:18:38
apple
apple
About the security content of iTunes 12.6
2017-03-21 00:00:00
About the security content of iTunes 12.6 - Apple Support
2017-03-22 07:40:40
About the security content of iTunes 12.6 for Windows
2017-03-21 00:00:00
suse
suse
Security update for SLES 12-SP2 Docker image (important)
2017-10-11 03:08:09
Security update for SLES 12-SP1 Docker image (important)
2017-10-11 03:07:32
Security update for SLES 12 Docker image (important)
2017-10-11 03:06:53
androidsecurity
androidsecurity
Android Security Bulletin—November 2016
2016-11-07 00:00:00
oracle
oracle
CPU July 2018
2018-07-17 00:00:00
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00

0.007 Low

EPSS

Percentile

81.0%

JSON
Related for CFOUNDRY:21BFDCCE9261A7005B811F988D3B9279
openvas25ibm12nessus32ubuntu2osv4ubuntucve2debian3mageia1archlinux2freebsd2fedora3f54debiancve2cve2cvelist2nvd2prion2alpinelinux2veracode2slackware2gentoo1redhatcve1apple4suse3androidsecurity1oracle2