Product:

Libexpat

(Libexpat_project)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 34
Date Id Summary Products Score Patch Annotated
2016-05-26 CVE-2016-0718 Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. Mac_os_x, Ubuntu_linux, Debian_linux, Libexpat, Policy_auditor, Firefox, Leap, Opensuse, Python, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Studio_onsite 9.8
2022-01-24 CVE-2022-23852 Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. Debian_linux, Libexpat, Clustered_data_ontap, Oncommand_workflow_automation, Communications_metasolv_solution, Sinema_remote_connect_server, Nessus 9.8
2022-01-01 CVE-2021-45960 In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). Debian_linux, Libexpat, Active_iq_unified_manager, Hci_baseboard_management_controller, Oncommand_workflow_automation, Solidfire_\&_hci_management_node, Sinema_remote_connect_server, Nessus 8.8
2022-01-06 CVE-2021-46143 In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. Libexpat, Active_iq_unified_manager, Clustered_data_ontap, Hci_baseboard_management_controller, Oncommand_workflow_automation, Solidfire_\&_hci_management_node, Sinema_remote_connect_server, Nessus 7.8
2022-01-10 CVE-2022-22822 addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus 9.8
2022-01-10 CVE-2022-22823 build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus 9.8
2022-01-10 CVE-2022-22824 defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus 9.8
2022-01-10 CVE-2022-22825 lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus 8.8
2022-01-10 CVE-2022-22826 nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus 8.8
2022-01-10 CVE-2022-22827 storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. Debian_linux, Libexpat, Sinema_remote_connect_server, Nessus 8.8