Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: mingw-expat (UTSA-2026-004806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004806 advisory. An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer. Tenable has extracted the preceding description...

SUSE-SU-2025:4512-1 Security update for mozjs52

This update for mozjs52 fixes the following issues: - CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 - CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 - CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart bsc1230038 - CVE-2024-45490: Fixed negative len for...

libexpat: Negative Length Parsing Vulnerability in libexpat

A flaw was found in libexpat's xmlparse.c component. This vulnerability allows an attacker to cause improper handling of XML data by providing a negative length value to the XMLParseBuffer function...

Astra Linux – Vulnerability in expat

A issue was discovered in libexpat before version 2.6.3. In xmlparse.c, a negative length value for XMLParseBuffer is allowed without being rejected...

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to OpenSSL and libexpat

Summary OpenSSL and Libexpat used by IBM MQ Operator and Queue Manager container images are vulnerable to denial of service due to improper memory allocation, and providing weaker than expected security which might allow an attacker to execute arbitrary code on the system. This bulletin identifie...

SUSE CVE-2024-45490

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

AZL-48372 CVE-2024-45490 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

AZL-48369 CVE-2024-45490 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

ALPINE-CVE-2024-45490

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XMLParseBuffer...

OSV-2018-222 Heap-buffer-overflow in resip::ParseBuffer::qVal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6713 Crash type: Heap-buffer-overflow READ 1 Crash state: resip::ParseBuffer::qVal resip::QValueParameter::QValueParameter resip::QValueParameter::decode...