7 matches found
EUVD-2026-25150
PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload PATCH flow under /files/:uploadId validates the mounted request path using the still-encoded req.path, but the downstream tus handler later writes using the decoded req.params.uploadId. In...
JLSEC-2025-49 storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
OESA-2023-1464 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few...
SUSE CVE-2021-46143
In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize...
SUSE CVE-2022-22827
storeAtts in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
AZL-7159 CVE-2022-22825 affecting package expat for versions less than 2.4.3-1
lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...
DEBIAN-CVE-2022-22822
addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...