Lucene search
RedHatRHSA-2024:1615HistoryApr 02, 2024 - 5:25 p.m.
(RHSA-2024:1615) Moderate: expat security update
2024-04-0217:25:56
access.redhat.com
71
expat
security update
xml parsing
denial of service
cve-2023-52425
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
38.0%
Expat is a C library for parsing XML documents.
Security Fix(es):
- expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | x86_64 | expat-debugsource | < 2.2.5-11.el8_9.1 | expat-debugsource-2.2.5-11.el8_9.1.x86_64.rpm |
| RedHat | 8 | ppc64le | expat-debugsource | < 2.2.5-11.el8_9.1 | expat-debugsource-2.2.5-11.el8_9.1.ppc64le.rpm |
| RedHat | 8 | i686 | expat-devel | < 2.2.5-11.el8_9.1 | expat-devel-2.2.5-11.el8_9.1.i686.rpm |
| RedHat | 8 | x86_64 | expat-debuginfo | < 2.2.5-11.el8_9.1 | expat-debuginfo-2.2.5-11.el8_9.1.x86_64.rpm |
| RedHat | 8 | s390x | expat-debugsource | < 2.2.5-11.el8_9.1 | expat-debugsource-2.2.5-11.el8_9.1.s390x.rpm |
| RedHat | 8 | s390x | expat | < 2.2.5-11.el8_9.1 | expat-2.2.5-11.el8_9.1.s390x.rpm |
| RedHat | 8 | aarch64 | expat | < 2.2.5-11.el8_9.1 | expat-2.2.5-11.el8_9.1.aarch64.rpm |
| RedHat | 8 | i686 | expat-debugsource | < 2.2.5-11.el8_9.1 | expat-debugsource-2.2.5-11.el8_9.1.i686.rpm |
| RedHat | 8 | s390x | expat-devel | < 2.2.5-11.el8_9.1 | expat-devel-2.2.5-11.el8_9.1.s390x.rpm |
| RedHat | 8 | i686 | expat-debuginfo | < 2.2.5-11.el8_9.1 | expat-debuginfo-2.2.5-11.el8_9.1.i686.rpm |
Related
prion
prion
Design/Logic Flaw
2024-02-04 20:15:00
fedora
fedora
[SECURITY] Fedora 38 Update: thunderbird-115.10.1-4.fc38
2024-05-02 01:44:57
[SECURITY] Fedora 38 Update: thunderbird-115.9.0-1.fc38
2024-03-28 01:44:07
[SECURITY] Fedora 39 Update: thunderbird-115.10.1-4.fc39
2024-04-25 01:21:42
openvas
openvas
Fedora: Security Advisory for thunderbird (FEDORA-2024-5d080305ab)
2024-03-28 00:00:00
Fedora: Security Advisory (FEDORA-2024-81c9a3fe50)
2024-05-27 00:00:00
Fedora: Security Advisory for thunderbird (FEDORA-2024-15b892ebd3)
2024-05-27 00:00:00
osv
osv
expat - security update
2024-04-07 00:00:00
Moderate: expat security update
2024-04-05 14:55:53
python312-3.12.3-1.1 on GA media
2024-06-15 00:00:00
ibm
ibm
Security Bulletin: Denial of Service vulnerability in IBM HTTP Server used by WebSphere Application Server affects IBM Business Automation Workflow (CVE-2023-52425)
2024-03-27 15:46:43
nessus
nessus
RHEL 8 : expat (RHSA-2024:1615)
2024-04-02 00:00:00
EulerOS 2.0 SP9 : expat (EulerOS-SA-2024-2363)
2024-09-12 00:00:00
EulerOS 2.0 SP8 : expat (EulerOS-SA-2024-2463)
2024-09-24 00:00:00
f5
f5
K000139630: Expat vulnerability CVE-2023-52425
2024-05-16 00:00:00
cvelist
cvelist
CVE-2023-52425
2024-02-04 00:00:00
redhat
redhat
(RHSA-2024:2575) Moderate: expat security update
2024-04-30 14:00:06
(RHSA-2024:2839) Moderate: expat security update
2024-05-14 15:06:08
(RHSA-2024:4259) Moderate: xmlrpc-c security and bug fix update
2024-07-02 13:57:22
vulnrichment
vulnrichment
CVE-2023-52425
2024-02-04 00:00:00
cve
cve
CVE-2023-52425
2024-02-04 20:15:46
cbl_mariner
cbl_mariner
CVE-2023-52425 affecting package expat for versions less than 2.6.2-1
2024-06-21 09:32:44
CVE-2023-52425 affecting package expat for versions less than 2.6.2-2
2024-04-09 20:48:36
almalinux
almalinux
Moderate: xmlrpc-c security and bug fix update
2024-07-02 00:00:00
Moderate: expat security update
2024-04-02 00:00:00
Moderate: expat security update
2024-03-26 00:00:00
oraclelinux
oraclelinux
xmlrpc-c security and bug fix update
2024-07-02 00:00:00
expat security update
2024-04-03 00:00:00
expat security update
2024-03-26 00:00:00
nvd
nvd
CVE-2023-52425
2024-02-04 20:15:46
redos
redos
ROS-20240820-04
2024-08-20 00:00:00
ROS-20240805-08
2024-08-05 00:00:00
rocky
rocky
expat security update
2024-04-05 14:55:53
ubuntucve
ubuntucve
CVE-2023-52425
2024-02-04 00:00:00
debian
debian
[SECURITY] [DLA 3783-1] expat security update
2024-04-09 04:41:36
alpinelinux
alpinelinux
CVE-2023-52425
2024-02-04 20:15:46
redhatcve
redhatcve
CVE-2023-52425
2024-02-05 23:59:53
veracode
veracode
Denial Of Service
2024-02-11 08:46:00
debiancve
debiancve
CVE-2023-52425
2024-02-04 20:15:46
ubuntu
ubuntu
Expat vulnerabilities
2024-03-14 00:00:00
slackware
slackware
[slackware-security] expat
2024-02-07 20:13:19
[slackware-security] python3
2024-03-20 21:14:26
cloudfoundry
cloudfoundry
USN-6694-1: Expat vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
mageia
mageia
Updated expat packages fix security vulnerabilities
2024-03-18 19:12:23
aix
aix
photon
photon
Important Photon OS Security Update - PHSA-2024-4.0-0581
2024-03-20 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0216
2024-02-29 00:00:00
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
6.9
Confidence
Low
EPSS
0.001
Percentile
38.0%
Related for RHSA-2024:1615