ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0072
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0072)
Resumen:	The remote host is missing an update for the 'expat' package(s) announced via the MGASA-2024-0072 advisory.
Descripción:	Summary: The remote host is missing an update for the 'expat' package(s) announced via the MGASA-2024-0072 advisory. Vulnerability Insight: It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-52425, CVE-2024-28757) Affected Software/OS: 'expat' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-52425 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNUBSGZFEZOBHJFTAD42SAN4ATW2VEMV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PNRIHC7DVVRAIWFRGV23Y6UZXFBXSQDB/ https://github.com/libexpat/libexpat/pull/789 https://lists.debian.org/debian-lts-announce/2024/04/msg00006.html http://www.openwall.com/lists/oss-security/2024/03/20/5 Common Vulnerability Exposure (CVE) ID: CVE-2024-28757 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/ https://github.com/libexpat/libexpat/issues/839 https://github.com/libexpat/libexpat/pull/842 http://www.openwall.com/lists/oss-security/2024/03/15/1
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.