563 matches found
OESA-2026-2857 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: libexpat before 2.8.2 lacks handler call depth tracking for calls to XMLResumeParser from within handlers in cases of a poli...
ROOT-OS-DEBIAN-12-CVE-2026-41080 CVE-2026-41080 in rootio-expat - Patched by Root
Root has patched CVE-2026-41080 in the rootio-expat package for Root:Debian:12. Multiple fixed versions available...
GHSA-XQW9-F65G-5QXW vulnerabilities
Vulnerabilities for packages: expat...
CVE-2026-56404 vulnerabilities
Vulnerabilities for packages: expat...
UBUNTU-CVE-2026-56412
libexpat before 2.8.2 does not consider XMLTOKDATACHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219...
ALPINE-CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
ALPINE-CVE-2026-56404
libexpat before 2.8.2 has an integer overflow in addBinding...
CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
CVE-2026-56403
libexpat before 2.8.2 has an integer overflow in storeAtts...
UBUNTU-CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...
UBUNTU-CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
UBUNTU-CVE-2026-56403
libexpat before 2.8.2 has an integer overflow in storeAtts...
CVE-2026-56412
In the connected CVE data, libexpat before 2.8.2 is affected: the XML_TOK_DATA_CHARS handling in doCdataSection lacks proper handler call depth tracking, enabling a use-after-free under certain policy violations. This stems from an incomplete fix for CVE-2026-50219. CVSS indicates LOCAL attack ve...
EUVD-2026-38188
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations...
CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...
CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
EUVD-2026-38184
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen...
CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XMLParseBuffer because it lacked a check that was present in XMLParse...
CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...
CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId...