Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Libexpat
(Libexpat_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 38 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-02-18 | CVE-2022-25314 | In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. | Debian_linux, Fedora, Libexpat, Http_server, Zfs_storage_appliance_kit, Sinema_remote_connect_server | 7.5 | ||
| 2022-02-18 | CVE-2022-25315 | In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | Debian_linux, Fedora, Libexpat, Http_server, Zfs_storage_appliance_kit, Sinema_remote_connect_server | 9.8 | ||
| 2024-08-30 | CVE-2024-45490 | An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. | Libexpat | 7.5 | ||
| 2024-03-10 | CVE-2024-28757 | libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). | Fedora, Libexpat, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H700s_firmware, Oncommand_workflow_automation, Ontap, Ontap_tools, Windows_host_utilities | 7.5 | ||
| 2024-02-04 | CVE-2023-52425 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | Libexpat | 7.5 | ||
| 2024-08-30 | CVE-2024-45491 | An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | Libexpat | 9.8 | ||
| 2024-08-30 | CVE-2024-45492 | An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | Libexpat | 9.8 | ||
| 2009-11-03 | CVE-2009-3720 | The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. | Http_server, Libexpat | N/A | ||
| 2009-12-04 | CVE-2009-3560 | The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-2009-2625 and CVE-2009-3720. | Http_server, Libexpat | N/A | ||
| 2014-01-21 | CVE-2013-0340 | expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for... | Ipados, Iphone_os, Macos, Tvos, Watchos, Libexpat, Python | N/A |