Lucene search
RedHatRHSA-2020:2508HistoryJun 10, 2020 - 4:46 p.m.
(RHSA-2020:2508) Moderate: expat security update
2020-06-1016:46:54
access.redhat.com
81
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.033 Low
EPSS
Percentile
91.3%
Expat is a C library for parsing XML documents.
Security Fix(es):
- expat: Integer overflow leading to buffer overflow in XML_GetBuffer() (CVE-2015-2716)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | expat-devel | < 2.1.0-11.el7_7 | expat-devel-2.1.0-11.el7_7.x86_64.rpm |
| RedHat | 7 | ppc | expat-static | < 2.1.0-11.el7_7 | expat-static-2.1.0-11.el7_7.ppc.rpm |
| RedHat | 7 | i686 | expat | < 2.1.0-11.el7_7 | expat-2.1.0-11.el7_7.i686.rpm |
| RedHat | 7 | s390 | expat | < 2.1.0-11.el7_7 | expat-2.1.0-11.el7_7.s390.rpm |
| RedHat | 7 | s390 | expat-static | < 2.1.0-11.el7_7 | expat-static-2.1.0-11.el7_7.s390.rpm |
| RedHat | 7 | ppc64le | expat-devel | < 2.1.0-11.el7_7 | expat-devel-2.1.0-11.el7_7.ppc64le.rpm |
| RedHat | 7 | ppc64 | expat-static | < 2.1.0-11.el7_7 | expat-static-2.1.0-11.el7_7.ppc64.rpm |
| RedHat | 7 | i686 | expat-static | < 2.1.0-11.el7_7 | expat-static-2.1.0-11.el7_7.i686.rpm |
| RedHat | 7 | ppc64 | expat | < 2.1.0-11.el7_7 | expat-2.1.0-11.el7_7.ppc64.rpm |
| RedHat | 7 | i686 | expat-debuginfo | < 2.1.0-11.el7_7 | expat-debuginfo-2.1.0-11.el7_7.i686.rpm |
Related
openvas
openvas
Mozilla Firefox Security Advisory (MFSA2015-54) - Linux
2021-11-11 00:00:00
Python < 2.7.12, 3.3.x < 3.3.7, 3.4.x < 3.4.5, 3.5.x < 3.5.2 Expat 2.1.1 (bpo-26556) - Linux
2021-11-01 00:00:00
Debian: Security Advisory (DLA-281-1)
2023-03-08 00:00:00
centos
centos
expat security update
2020-04-08 17:58:10
thunderbird security update
2015-05-18 14:07:12
firefox security update
2015-05-13 00:01:13
nessus
nessus
Scientific Linux Security Update : expat on SL7.x x86_64 (20200407)
2020-04-21 00:00:00
RHEL 7 : expat (RHSA-2020:1011)
2020-04-01 00:00:00
CentOS 7 : expat (CESA-2020:1011)
2020-04-10 00:00:00
ibm
ibm
Security Bulletin: IBM MQ Appliance is affected by a buffer overflow vulnerability (CVE-2015-2716)
2020-07-23 21:34:53
redhat
redhat
(RHSA-2020:1011) Moderate: expat security update
2020-03-31 09:08:15
(RHSA-2015:1012) Important: thunderbird security update
2015-05-18 00:00:00
(RHSA-2015:0988) Critical: firefox security update
2015-05-12 00:00:00
mozilla
mozilla
Buffer overflow when parsing compressed XML — Mozilla
2015-05-12 00:00:00
oraclelinux
oraclelinux
expat security update
2020-04-06 00:00:00
thunderbird security update
2015-05-19 00:00:00
firefox security update
2015-05-13 00:00:00
osv
osv
expat - security update
2015-07-25 00:00:00
CVE-2016-4472
2016-06-30 17:59:00
icedove - security update
2015-05-19 00:00:00
prion
prion
Buffer overflow
2015-05-14 10:59:00
Integer overflow
2015-07-23 00:59:00
Buffer overflow
2016-06-30 17:59:00
ubuntucve
ubuntucve
nvd
nvd
debiancve
debiancve
CVE-2015-1283
2015-07-23 00:59:12
CVE-2016-4472
2016-06-30 17:59:04
archlinux
archlinux
expat: arbitrary code execution
2016-03-24 00:00:00
thunderbird: multiple issues
2015-05-18 00:00:00
firefox: multiple issues
2015-05-13 00:00:00
amazon
amazon
Medium: expat
2020-05-11 20:41:00
cvelist
cvelist
cve
cve
f5
f5
K15104541 : Expat XML library vulnerability CVE-2015-1283
2016-10-11 00:00:00
K50459349 : Expat XML library vulnerability CVE-2015-2716
2017-02-10 00:00:00
SOL22232964 - Expat XML library vulnerability CVE-2016-4472
2016-10-21 00:00:00
veracode
veracode
Denial Of Service (DoS)
2017-02-01 05:26:42
Denial Of Service (DoS)
2017-03-27 05:30:04
Arbitrary Code Execution
2019-05-02 05:39:09
debian
debian
[SECURITY] [DLA 281-1] expat security update
2015-07-25 14:17:27
[SECURITY] [DSA 3264-1] icedove security update
2015-05-19 21:12:26
[SECURITY] [DSA 3260-1] iceweasel security update
2015-05-13 17:22:46
redhatcve
redhatcve
CVE-2016-4472
2016-06-09 09:48:44
freebsd
freebsd
expat2 -- denial of service
2016-06-09 00:00:00
mozilla -- multiple vulnerabilities
2015-05-12 00:00:00
alpinelinux
alpinelinux
CVE-2016-4472
2016-06-30 17:59:04
ubuntu
ubuntu
Thunderbird vulnerabilities
2015-05-18 00:00:00
Firefox vulnerabilities
2015-05-13 00:00:00
suse
suse
Security update for MozillaFirefox (important)
2015-05-28 12:05:02
Security update for MozillaFirefox (important)
2015-06-01 15:05:51
Update to Firefox 31.7.0esr (important)
2015-05-18 13:04:51
slackware
slackware
[slackware-security] expat
2016-12-24 19:24:21
mageia
mageia
Updated Firefox, Thunderbird & sqlite3 packages fix security vulnerabilities
2015-05-18 22:08:05
Updated iceape packages fix security vulnerabilities
2015-09-08 10:20:40
securityvulns
securityvulns
Mozilla Firefox / Thunderbird / Seamonkey multiple security vulnerabilities
2015-05-13 00:00:00
kaspersky
kaspersky
KLA10584 Multiple vulnerabilities in Mozilla products
2015-05-12 00:00:00
gentoo
gentoo
Mozilla Products: Multiple vulnerabilities
2016-05-31 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.033 Low
EPSS
Percentile
91.3%
Related for RHSA-2020:2508