XML-Parser Expat – All you need to know
Recently, a vulnerability was discovered in the XML parser library Expat. It allows attackers to inject malicious code into systems and execute it there. Since the library is widespread, many systems are potentially affected. We have all the important information on this here.
What is XML-Parser Expat?
Similar to the Log4Shell vulnerability that made the headlines just a few weeks ago, the XML parser Expat is a widely used open-source library that attackers could use to inject and execute malicious code on systems. Unlike Log4Shell, there have not yet been any reports of widespread scans for the vulnerability or of successful attacks that have exploited it.
The vulnerability has already been fixed by the development team in version 2.4.4 of Expat. However, because of its widespread use, it takes some time for all projects that use the library to update as well and release new versions of their applications.
XML-Parser Expat and the Cloudogu EcoSystem
The Cloudogu EcoSystem is a platform for running a variety of applications. Only the Dogu for PlantUML is affected by this vulnerability. The current status and our recommendations for action can be found in this post in our forum.
XML-Parser Expat and SCM-Manager
Since neither the tool SCM-Manager nor its official plugins use the Expat XML parser, the application itself is not vulnerable. There is some risk if you use the plugin for PlantUML or plugins from external sources. Plugins from external sources are plugins that are not installed via the tool's plugin center. For these we cannot rule out that they use the Expat XML parser. For SCM-Manager, too, you can find the current status and our recommended actions in our forum.
XML-Parser Expat and other applications
Because the Expat XML parser is so widely used, there is not yet a complete list of affected software. Therefore, you should keep an eye out for new versions of applications in the near future and install them as soon as they become available. This is the best way to secure your systems against attacks via the Expat vulnerability. Known examples of affected software are various versions of SuSE Linux or Firefox on Ubuntu.
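One practical way to act on the advice above is to check which Expat version a given runtime is linked against and compare it with the 2.4.4 release named as containing the fix. The following is an added example written for this post, not code from Cloudogu, Expat or any of the projects mentioned; it uses Python's bundled `pyexpat` module (whose `EXPAT_VERSION` string looks like `expat_2.4.7`) as one instance of a linked Expat, and the `2.4.4` threshold is taken from the text. The version-string parser is generic, so it also accepts plain `2.4.4`-style strings such as those printed by package managers.

```python
"""Compare a linked Expat version against the 2.4.4 release that carries the fix."""
import re
import pyexpat

# Version stated in the post as the first release containing the fix.
FIXED_VERSION = (2, 4, 4)


def parse_expat_version(version_string: str) -> tuple:
    """Turn strings such as 'expat_2.4.1' or '2.4.4' into an int tuple.

    Tuples compare element by element, so (2, 4, 10) > (2, 4, 4) as expected,
    which a plain string comparison would get wrong.
    """
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", version_string)
    if match is None:
        raise ValueError(f"unrecognised Expat version string: {version_string!r}")
    return tuple(int(part) for part in match.groups())


def is_patched(version_string: str, fixed: tuple = FIXED_VERSION) -> bool:
    """True if the given version is at least the release that contains the fix."""
    return parse_expat_version(version_string) >= fixed


def local_expat_status() -> dict:
    """Report the Expat version this Python interpreter was built against.

    pyexpat.EXPAT_VERSION is the real attribute; the 'patched' verdict is based
    purely on the upstream version number (see the note on backports below).
    """
    version = pyexpat.EXPAT_VERSION
    return {"version": version, "patched": is_patched(version)}


if __name__ == "__main__":
    status = local_expat_status()
    verdict = "at or above 2.4.4" if status["patched"] else "below 2.4.4, update needed"
    print(f"Linked Expat: {status['version']} ({verdict})")
```

Treat the verdict as a starting point rather than a final answer: distributions such as SuSE or Ubuntu often backport fixes into older version numbers, so a package showing a version below 2.4.4 may still be patched according to its changelog, and a single host can carry several copies of Expat (system library, language runtimes, bundled application copies) that each need checking.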