Lucene search
K

21 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerabilities in Firefox, Thunderbird, Expat, LibXMLTok

The defineAttribute function in xmlparse.c of Expat also known as libexpat has an integer overflow before version 2.4.3...

9.8CVSS8AI score0.03376EPSS
Exploits0References2
OSV
OSV
added 2026/05/21 10:26 a.m.5 views

CLSA-2026-1779359157 Fix CVE(s): CVE-2026-45186

SECURITY UPDATE: Denial of service via quadratic attribute-name collision check in libexpat before 2.8.1 - debian/patches/CVE-2026-45186.patch: introduce per-element defaultAttsNames hash table and use it for O1 attribute collision detection in defineAttribute - CVE-2026-45186...

7.5CVSS5.8AI score0.00428EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2025/12/09 8:32 a.m.4 views

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.6AI score0.03376EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.5 views

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-22824)

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504346;...

9.8CVSS6.8AI score0.03376EPSS
Exploits0References5
OSV
OSV
added 2025/10/14 3:35 p.m.5 views

JLSEC-2025-46 defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7.1AI score0.03376EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987433)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987433 advisory. defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow. Tenable has extracted the preceding description block directly from the Uni...

9.8CVSS7.3AI score0.03376EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-27962

Malicious code in bioql PyPI...

9.8CVSS7.8AI score0.03376EPSS
Exploits0References16
OSV
OSV
added 2023/07/29 11:5 a.m.6 views

OESA-2023-1454 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: addBinding in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow.CVE-2022-22822 buildmodel in xmlparse.c in Expat aka libexpat before 2.4.3 has an...

9.8CVSS8.7AI score0.04829EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/10/26 8:5 p.m.5 views

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03376EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/14 10:48 a.m.4 views

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03376EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/14 10:16 a.m.3 views

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03376EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/10 4:37 p.m.6 views

expat: Integer overflow in defineAttribute in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

9.8CVSS7.5AI score0.03376EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/02/16 12:0 a.m.6 views

The vulnerability of the `defineAttribute` function in the `xmlparse.c` file of the ExPat library allows a hacker to cause a service failure.

The vulnerability of the defineAttribute function in the xmlparse.c file of the ExPat library is related to integer overflow. Exploiting this vulnerability could allow a malicious actor to cause service failures...

10CVSS7.5AI score0.03376EPSS
Exploits0References20Affected Software8
Microsoft CVE
Microsoft CVE
added 2022/01/14 8:0 a.m.5 views

defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

...

9.8CVSS7.5AI score0.03376EPSS
Exploits0
CNVD
CNVD
added 2022/01/14 12:0 a.m.20 views

Expat defineAttribute function buffer overflow vulnerability

Expat is a fast streaming XML parser written in C. A buffer overflow vulnerability exists in versions of Expat prior to 2.4.3, which stems from a boundary error in defineAttribute in xmlparse.c when handling untrusted input. A remote attacker could exploit this vulnerability to execute arbitrary...

9.8CVSS6.1AI score0.03376EPSS
Exploits0References1
Veracode
Veracode
added 2022/01/11 6:52 a.m.32 views

Integer Overflow

libexpat.so is vulnerable to Integer Overflow. The vulnerability exists because the defineAttribute function of xmlparse.c doesn't check the input length which allows an attacker to leverage an overflow causing an application crash...

9.8CVSS9.4AI score0.03376EPSS
Exploits0References8Affected Software23
OSV
OSV
added 2022/01/10 2:12 p.m.7 views

AZL-7158 CVE-2022-22824 affecting package expat for versions less than 2.4.3-1

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7AI score0.03376EPSS
Exploits0References1
OSV
OSV
added 2022/01/10 2:12 p.m.2 views

DEBIAN-CVE-2022-22824

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7.4AI score0.03376EPSS
Exploits0References1
OSV
OSV
added 2022/01/10 2:12 p.m.3 views

UBUNTU-CVE-2022-22824

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS7AI score0.03376EPSS
Exploits0References6
AlpineLinux
AlpineLinux
added 2022/01/08 2:56 a.m.33 views

CVE-2022-22824

defineAttribute in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...

9.8CVSS9.9AI score0.03376EPSS
Exploits0
Rows per page
Query Builder