Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMAC1AFA7F6C5D615F1B0EE8B9E830B41AB753EB647A9296E2E670BA2525D734B1
HistoryOct 18, 2019 - 3:10 a.m.

Security Bulletin:Vulnerabilities in Open Source James Clark Expat affect IBM Netezza Analytics

2019-10-1803:10:29
www.ibm.com
20

EPSS

0.005

Percentile

77.1%

JSON

Summary

Open Source James Clark Expat is consumed by IBM Netezza Analytics and is vulnerable to denial of service. IBM Netezza Analytics has addressed the applicable CVEs

Vulnerability Details

CVEID: CVE-2013-0340**
DESCRIPTION:** Expat is vulnerable to a denial of service, caused by the improper handling of internal entity expansion. By persuading a victim to open a specially crafted XML document, an attacker could exploit this vulnerability to consume all available resources.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132738&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

CVEID: CVE-2013-0341**
DESCRIPTION:** Expat is vulnerable to a denial of service, caused by the improper handling of external entity expansion. By persuading a victim to open a specially crafted XML document, an attacker could exploit this vulnerability to consume all available resources.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132741&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

Affected Products and Versions

  • IBM Netezza Analytics 1.2.1 - 3.2.1

Remediation/Fixes

Product VRMF Remediation/First Fix
IBM Netezza Analytics 3.2.2 Link to Fix Central

Workarounds and Mitigations

None

Related

nessus 17
ibm 10
prion 3
nvd 3
cve 3
cvelist 3
debiancve 1
slackware 1
veracode 1
openvas 10
freebsd 4
cbl_mariner 1
ubuntucve 1
mageia 1
osv 2
gentoo 1
apple 6
androidsecurity 1
ics 1
avleonov 1
nessus
nessus
IBM Netezza Analytics Open Source James Clark Expat Multiple Vulnerabilities (swg22012645)
2018-02-09 00:00:00
Slackware 14.0 / 14.1 / 14.2 / current : expat (SSA:2021-143-01)
2021-05-24 00:00:00
EulerOS Virtualization 2.9.1 : expat (EulerOS-SA-2021-2756)
2021-11-17 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise edition are affected by James Clark Expat Vulnerabilities
2018-06-17 22:33:38
Security Bulletin: IBM Prospect is affected by Expat XML Parser vulnerability (CVE-2013-0340)
2018-06-17 15:49:59
Security Bulletin: IBM Security SiteProtector System is affected by multiple Apache HTTP Server Vulnerabilities
2022-12-06 06:59:00
prion
prion
Design/Logic Flaw
2013-09-26 14:16:00
Xxe
2014-01-21 18:55:00
Code injection
2021-10-07 16:15:00
nvd
nvd
CVE-2013-0341
2013-09-26 14:16:22
CVE-2013-0340
2014-01-21 18:55:09
CVE-2021-40439
2021-10-07 16:15:09
cve
cve
CVE-2013-0341
2013-09-26 14:16:22
CVE-2013-0340
2014-01-21 18:55:09
CVE-2021-40439
2021-10-07 16:15:09
cvelist
cvelist
CVE-2013-0341
2013-09-26 10:00:00
CVE-2013-0340
2014-01-21 18:00:00
CVE-2021-40439 Billion Laughs
2021-10-07 15:50:12
debiancve
debiancve
CVE-2013-0340
2014-01-21 18:55:09
slackware
slackware
[slackware-security] expat
2021-05-23 19:55:46
veracode
veracode
XML External Entities (XXE)
2019-06-12 07:55:17
openvas
openvas
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2021-2756)
2021-11-17 00:00:00
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2021-2548)
2021-09-28 00:00:00
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2021-2524)
2021-09-28 00:00:00
freebsd
freebsd
Python -- multiple vulnerabilities
2021-08-30 00:00:00
Python -- multiple vulnerabilities
2021-08-30 00:00:00
texproc/expat2 -- billion laugh attack
2013-02-21 00:00:00
cbl_mariner
cbl_mariner
CVE-2013-0340 affecting package expat 2.2.6-4
2022-01-10 03:59:19
ubuntucve
ubuntucve
CVE-2013-0340
2014-01-21 00:00:00
mageia
mageia
Updated python3 packages fix security vulnerability
2021-09-23 07:49:29
osv
osv
expat-2.4.1-1.2 on GA media
2024-06-15 00:00:00
python38-3.8.12-1.2 on GA media
2024-06-15 00:00:00
gentoo
gentoo
Expat: Multiple vulnerabilities
2017-01-11 00:00:00
apple
apple
About the security content of Security Update 2021-005 Catalina
2021-09-13 00:00:00
About the security content of iOS 14.8 and iPadOS 14.8
2021-09-13 00:00:00
About the security content of watchOS 8
2021-09-20 00:00:00
androidsecurity
androidsecurity
Android 13 Security Release Notes
2022-07-25 00:00:00
ics
ics
Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1
2023-12-14 12:00:00
avleonov
avleonov
Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs
2022-12-30 18:03:13

EPSS

0.005

Percentile

77.1%

JSON
Related for AC1AFA7F6C5D615F1B0EE8B9E830B41AB753EB647A9296E2E670BA2525D734B1
nessus17ibm10prion3nvd3cve3cvelist3debiancve1slackware1veracode1openvas10freebsd4cbl_mariner1ubuntucve1mageia1osv2gentoo1apple6androidsecurity1ics1avleonov1