<?xml version="1.0" encoding="utf-8"?>
  <?xml-stylesheet type="text/xsl" href="sa-render.xsl"?>
  <update from="huaweicloud.com" type="security" status="stable" version="1">
    <id>HCE2-SA-2023-0107</id>
    <title>An update for squashfs-tools is now available for HCE 2.0</title>
    <severity>Important</severity>
    <release>HCE 2.0</release>
    <issued date="2023-01-05 20:19:38"/>
    <updated date="2023-01-05 20:19:38"/>
    <references>
      <reference href="https://nvd.nist.gov/vuln/detail/CVE-2022-40153" id="CVE-2022-40153" title="CVE-2022-40153 Base Score: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" type="cve"/>
      <reference href="https://nvd.nist.gov/vuln/detail/CVE-2021-40153" id="CVE-2021-40153" title="CVE-2021-40153 Base Score: 8.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" type="cve"/>
      <reference href="https://nvd.nist.gov/vuln/detail/CVE-2022-41053" id="CVE-2022-41053" title="CVE-2022-41053 Base Score: 7.5 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" type="cve"/>
    </references>
    <description>Security Fix(es):

Those using XStream to serialize XML data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. (CVE-2022-40153)

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination. (CVE-2021-40153)

Windows Kerberos Denial of Service Vulnerability. (CVE-2022-41053)
</description>
    <pkglist>
      <collection short="HCE 2.0" package="squashfs-tools">
        <name>HCE 2.0</name>
        <package arch="aarch64" name="squashfs-tools" version="4.5" release="1.r2.hce2">
          <filename>squashfs-tools-4.5-1.r2.hce2.aarch64.rpm</filename>
        </package>
        <package arch="x86_64" name="squashfs-tools" version="4.5" release="1.r2.hce2">
          <filename>squashfs-tools-4.5-1.r2.hce2.x86_64.rpm</filename>
        </package>
      </collection>
    </pkglist>
  </update>
