9 matches found
Astra Linux – Vulnerabilities in Firefox, Thunderbird, and Expat
In libexpat before version 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
CLSA-2026-1770741587 expat: Fix of CVE-2026-24515
CVE-2026-24515: fix NULL pointer dereference in XMLExternalEntityParserCreate...
CLSA-2026-1770732201 Fix CVE(s): CVE-2026-24515
SECURITY UPDATE: XMLExternalEntityParserCreate failure to copy the encoding handler data can cause a NULL dereference. - debian/patches/CVE-2026-24515.patch: Make XMLExternalEntityParserCreate copy unknown encoding handler user data - CVE-2026-24515...
CLSA-2026-1770394049 expat: Fix of CVE-2026-24515
CVE-2026-24515: fix NULL pointer dereference in XMLExternalEntityParserCreate...
expat -- multiple vulnerabilities
expat team reports: Update contains 2 security fixes: CVE-2026-24515: NULL dereference in function XMLExternalEntityParserCreate CVE-2026-25210: missing check for integer overflow in function doContent...
ALPINE-CVE-2026-24515
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
EulerOS Virtualization 2.11.0 : expat (EulerOS-SA-2023-2088)
According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCrea...
SUSE CVE-2022-43680
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations...
expat: use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate
A use-after-free flaw was found in the Expat package, caused by destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. This may lead to availability disruptions...