What is the vulnerability ID for the Expat vulnerability?

The vulnerability ID for the Expat vulnerability is USN-4132-1.

What software is affected by the Expat vulnerability?

The Expat vulnerability affects the libexpat1 package version 2.2.6-1ubuntu0.19.5 on Ubuntu 19.04, libexpat1 package version 2.2.5-3ubuntu0.2 on Ubuntu 18.04, lib64expat1 package version 2.1.0-7ubuntu0.16.04.5 on Ubuntu 16.04.

What is the risk associated with the Expat vulnerability?

The Expat vulnerability could allow an attacker to expose sensitive information.

How can I fix the Expat vulnerability?

To fix the Expat vulnerability, update the libexpat1 package to version 2.2.6-1ubuntu0.19.5 for Ubuntu 19.04, version 2.2.5-3ubuntu0.2 for Ubuntu 18.04, and update the lib64expat1 package to version 2.1.0-7ubuntu0.16.04.5 for Ubuntu 16.04.

Where can I find more information about the Expat vulnerability?

You can find more information about the Expat vulnerability at the following references: [CVE-2019-15903](https://ubuntu.com/security/CVE-2019-15903), [USN-4202-1](https://ubuntu.com/security/notices/USN-4202-1), [USN-4335-1](https://ubuntu.com/security/notices/USN-4335-1).

Vulnerability/
USN-4132-1

12/9/2019

USN-4132-1: Expat vulnerability

First published: Thu Sep 12 2019(Updated: )

It was discovered that Expat incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.

Affected Software	Affected Version	How to fix
All of
ubuntu/libexpat1	<2.2.6-1ubuntu0.19.5	2.2.6-1ubuntu0.19.5
	=19.04
All of
ubuntu/libexpat1	<2.2.5-3ubuntu0.2	2.2.5-3ubuntu0.2
	=18.04
All of
ubuntu/lib64expat1	<2.1.0-7ubuntu0.16.04.5	2.1.0-7ubuntu0.16.04.5
	=16.04
All of
ubuntu/libexpat1	<2.1.0-7ubuntu0.16.04.5	2.1.0-7ubuntu0.16.04.5
	=16.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

CVE-2019-15903

Frequently Asked Questions

What is the vulnerability ID for the Expat vulnerability?
The vulnerability ID for the Expat vulnerability is USN-4132-1.
What software is affected by the Expat vulnerability?
The Expat vulnerability affects the libexpat1 package version 2.2.6-1ubuntu0.19.5 on Ubuntu 19.04, libexpat1 package version 2.2.5-3ubuntu0.2 on Ubuntu 18.04, lib64expat1 package version 2.1.0-7ubuntu0.16.04.5 on Ubuntu 16.04.
What is the risk associated with the Expat vulnerability?
The Expat vulnerability could allow an attacker to expose sensitive information.
How can I fix the Expat vulnerability?
To fix the Expat vulnerability, update the libexpat1 package to version 2.2.6-1ubuntu0.19.5 for Ubuntu 19.04, version 2.2.5-3ubuntu0.2 for Ubuntu 18.04, and update the lib64expat1 package to version 2.1.0-7ubuntu0.16.04.5 for Ubuntu 16.04.
Where can I find more information about the Expat vulnerability?
You can find more information about the Expat vulnerability at the following references: [CVE-2019-15903](https://ubuntu.com/security/CVE-2019-15903), [USN-4202-1](https://ubuntu.com/security/notices/USN-4202-1), [USN-4335-1](https://ubuntu.com/security/notices/USN-4335-1).

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/usn
source/Ubuntu
anchor-related/USN-4202-1
anchor-related/USN-4335-1
anchor-related/USN-4165-1
anchor-related/USN-4132-2
anchor-related/USN-4852-1
anchor-related/USN-5455-1
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/19.04
version/ubuntu ubuntu/18.04
version/ubuntu ubuntu/16.04