Описание
Moderate: xmlrpc-c security and bug fix update
XML-RPC is a remote procedure call (RPC) protocol that uses XML to encode its calls and HTTP as a transport mechanism. The xmlrpc-c packages provide a network protocol to allow a client program to make a simple RPC (remote procedure call) over the Internet. It converts an RPC into an XML document, sends it to a remote server using HTTP, and gets back the response in XML.
Security Fix(es):
- expat: parsing large tokens can trigger a denial of service (CVE-2023-52425)
Затронутые продукты
Rocky Linux 8
Связанные CVE
Исправления
- Red Hat - 2262877
Связанные уязвимости
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
libexpat through 2.5.0 allows a denial of service (resource consumptio ...