5 matches found
EUVD-2022-29996
Malicious code in bioql PyPI...
MGASA-2022-0409 Updated expat packages fix security vulnerability
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XMLExternalEntityParserCreate in out-of-memory situations. CVE-2022-43680...
CVE-2022-25236
xmlparse.c in Expat aka libexpat before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs...
MGASA-2022-0031 Updated expat packages fix security vulnerability
In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few bytes, or only freeing memory. CVE-2021-45960 In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow...
CVE-2022-22825
lookup in xmlparse.c in Expat aka libexpat before 2.4.3 has an integer overflow...