{ "threat_severity" : "Moderate", "public_date" : "2019-06-24T00:00:00Z", "bugzilla" : { "description" : "expat: large number of colons in input makes parser consume high amount of resources, leading to DoS", "id" : "1723723", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1723723" }, "cvss3" : { "cvss3_base_score" : "7.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-400", "details" : [ "In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).", "It was discovered that the \"setElementTypePrefix()\" function incorrectly extracted XML namespace prefixes. By tricking an application into processing a specially crafted XML file, an attacker could cause unusually high consumption of memory resources and possibly lead to a denial of service." ], "statement" : "When processing a specially crafted XML file, expat may use more memory than ultimately necessary, which can also lead to increased CPU usage and longer processing times. Depending on available system resources and configuration, this may also lead to the application triggering the Out-Of-Memory-Killer, causing the application to be terminated.", "affected_release" : [ { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 6", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el6", "package" : "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7" }, { "product_name" : "JBoss Core Services on RHEL 7", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2644", "cpe" : "cpe:/a:redhat:jboss_core_services:1::el7", "package" : "jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-09-29T00:00:00Z", "advisory" : "RHSA-2020:3952", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "expat-0:2.1.0-12.el7" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4846", "cpe" : "cpe:/a:redhat:enterprise_linux:8::crb", "package" : "mingw-expat-0:2.2.4-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-11-04T00:00:00Z", "advisory" : "RHSA-2020:4484", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "expat-0:2.2.5-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2025-12-09T00:00:00Z", "advisory" : "RHSA-2025:22871", "cpe" : "cpe:/o:redhat:rhel_aus:8.2", "package" : "expat-0:2.2.10-1.el8_2" }, { "product_name" : "Red Hat OpenShift Do", "release_date" : "2021-03-22T00:00:00Z", "advisory" : "RHSA-2021:0949", "cpe" : "cpe:/a:redhat:openshift_do:1.0::el7", "package" : "openshiftdo/odo-init-image-rhel7:1.1.3-2" }, { "product_name" : "Text-Only JBCS", "release_date" : "2020-06-22T00:00:00Z", "advisory" : "RHSA-2020:2646", "cpe" : "cpe:/a:redhat:jboss_core_services:1", "package" : "expat" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "expat", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "xmlrpc-c", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "xulrunner", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "compat-expat1", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "expat", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "xulrunner", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "xulrunner", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat JBoss Enterprise Application Platform 6", "fix_state" : "Out of support scope", "package_name" : "httpd", "cpe" : "cpe:/a:redhat:jboss_enterprise_application_platform:6" }, { "product_name" : "Red Hat JBoss Enterprise Web Server 2", "fix_state" : "Out of support scope", "package_name" : "httpd", "cpe" : "cpe:/a:redhat:jboss_enterprise_web_server:2" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-20843\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-20843\nhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931031" ], "name" : "CVE-2018-20843", "csaw" : false }