Astra Linux - уязвимость в firefox, thunderbird, expat

Expat also known as libexpat before version 2.4.4 has an integer overflow in the doProlog function...

expat: integer overflow in the doProlog function

A flaw was found in expat. The vulnerability occurs due to large content in element type declarations when there is an element declaration handler present which leads to an integer overflow. This flaw allows an attacker to inject an unsigned integer, leading to a crash or a denial of service...

JLSEC-2025-51 Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function...

EUVD-2022-28905

Malicious code in bioql PyPI...

Medium: expat

Issue Overview: Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990 Affected Packages: expat Issue Correction: Run yum update expat or yum update --advisory ALAS-2023-1882 to update your system. New Packages: i686: expat-devel-2.1.0-15.34.amzn1.i686...

CLSA-2023-1696877712 expat: Fix of 2 CVEs

CVE-2022-23990: lib: prevent integer overflow in function doProlog - CVE-2022-43680: fix overeager DTD destruction in XMLExternalEntityParserCreate...

expat: Integer overflow in doProlog in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-1645)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

expat: Integer overflow in doProlog in xmlparse.c

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

SUSE: Security Advisory (SUSE-SU-2022:14884-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2022-0048 Updated expat packages fix security vulnerability

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-23852 Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990...

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

...

Integer Overflow

libexpat.so is vulnerable to integer overflow. The vulnerability exists in the doProlog function in the xmlparse.c file, allowing an attacker to cause an application crash...

AZL-8334 CVE-2022-23990 affecting package expat for versions less than 2.4.8-1

Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function...

CVE-2022-23990

Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function...

CVE-2022-23990

Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function...

Buffer overflow

The big2toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service application crash via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlo...