API Security Blog

RHEL 8 : expat (Unpatched Vulnerability)

The remote Red Hat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched.

- expat: Stack exhaustion in doctype parsing (CVE-2022-25313)
- libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. (CVE-2023-52426)

Note that Nessus has not tested for these issues but has instead relied on the package manager's report that the package is…
