Astra Linux - уязвимость в firefox, thunderbird, expat, libxmltok

In doProlog, within xmlparse.c of the Expat library also known as libexpat, there is an integer overflow issue related to mgroupSize before version 2.4.3...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-017375)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017375 advisory. Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. Tenable has extracted the preceding description block directly from the Unity Linux...

Astra Linux - уязвимость в firefox, thunderbird, expat

Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...

expat: Integer overflow in doProlog in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: expat (UTSA-2025-991053)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991053 advisory. Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. Tenable has extracted the preceding description block directly from the Unity Linux...

expat: Integer overflow in doProlog in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

USN-7913-1 mame vulnerabilities

It was discovered that the stb library, included in MAME, had a heap-based buffer overflow. An attacker could possibly use this issue to crash the program or execute arbitrary code. CVE-2018-16981 It was discovered that the tinyexr library, included in MAME, had a heap- based buffer over-read in...

RHEL 8 : expat (RHSA-2025:22785)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:22785 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: internal entity expansion CVE-2013-0340 expat: Large number of...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2021-46143)

In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2022-23990)

Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504304;...

JLSEC-2025-51 Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function...

JLSEC-2025-43 In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_gro...

In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize...

EUVD-2022-28905

Malicious code in bioql PyPI...

Medium: expat

Issue Overview: Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 Affected Packages: expat Issue Correction: Run yum update expat or yum update --advisory ALAS-2023-1882 to update your system. New Packages: i686: expat-devel-2.1.0-15.34.amzn1.i686...

CLSA-2023-1696877712 expat: Fix of 2 CVEs

CVE-2022-23990: lib: prevent integer overflow in function doProlog - CVE-2022-43680: fix overeager DTD destruction in XMLExternalEntityParserCreate...