Lucene search

7 matches found

Snyk
added last week | 4 views

Integer Overflow or Wraparound

Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to improper validation in the XML_ParseBuffer function. An attacker can cause unexpected behavior, including potential data corruption or application crashes, by providing specially crafted input that...

CVSS 7.5 | AI score 5.9 | EPSS 0.00102
Exploits: 0 | References: 2
Positive Technologies
added 2026/06/21 12:0 a.m. | 8 views

PT-2026-51242

Name of the Vulnerable Software and Affected Versions: libexpat versions prior to 2.8.2. Description: An integer overflow occurs in the XML_ParseBuffer function because it lacks a specific check that is implemented in the XML_Parse function. Recommendations: Update to version 2.8.2 or later...

CVSS 6.9 | AI score 5.8 | EPSS 0.00102
Exploits: 0 | References: 7
Tenable Nessus
added 2026/01/17 12:0 a.m. | 4 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: mingw-expat (UTSA-2026-004806)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004806 advisory. An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. Tenable has extracted the preceding description...

CVSS 9.8 | AI score 6.8 | EPSS 0.01686
Exploits: 0 | References: 4
AstraLinux
added 2024/11/23 3:4 a.m. | 2 views

Astra Linux – Vulnerability in expat

An issue was discovered in libexpat before version 2.6.3. In xmlparse.c, a negative length value for XML_ParseBuffer is allowed without being rejected...

CVSS 9.8 | AI score 7 | EPSS 0.01686
Exploits: 0 | References: 3
IBM Security Bulletins
added 2024/10/29 1:46 p.m. | 21 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to OpenSSL and libexpat

Summary: OpenSSL and Libexpat used by IBM MQ Operator and Queue Manager container images are vulnerable to denial of service due to improper memory allocation, and providing weaker than expected security which might allow an attacker to execute arbitrary code on the system. This bulletin identifie...

CVSS 9.8 | AI score 8.3 | EPSS 0.66594
Exploits: 0 | Affected Software: 1
SUSE CVE
added 2024/08/30 10:4 a.m. | 2 views

SUSE CVE-2024-45490

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer...

CVSS 6.2 | AI score 8.1 | EPSS 0.01686
Exploits: 0 | References: 19
OSV
added 2024/08/30 3:15 a.m. | 6 views

AZL-48372 CVE-2024-45490 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer...

CVSS 7.5 | AI score 6.9 | EPSS 0.01686
Exploits: 0 | References: 1