Lucene search
+L

6 matches found

CloudLinux
CloudLinux
added 2026/04/29 7:8 a.m.12 views

expat: Fix of 3 CVEs

CVE-2017-9233: Fix external entity infinite loop bug - CVE-2018-20843: Fix extraction of namespace prefix from XML name - CVE-2019-15903: Deny internal entities closing the doctype heap overread...

7.8CVSS6.8AI score0.09051EPSS
Exploits3
OSV
OSV
added 2026/04/29 7:8 a.m.10 views

CLSA-2026-1777304792 expat: Fix of 3 CVEs

CVE-2017-9233: Fix external entity infinite loop bug - CVE-2018-20843: Fix extraction of namespace prefix from XML name - CVE-2019-15903: Deny internal entities closing the doctype heap overread...

7.8CVSS6.8AI score0.09051EPSS
Exploits3References1
RedHat Linux
RedHat Linux
added 2022/11/22 3:4 p.m.11 views

expat: a use-after-free in the doContent function in xmlparse.c

A vulnerability was found in expat. With this flaw, it is possible to create a situation in which parsing is suspended while substituting in an internal entity so that XMLResumeParser directly uses the internalEntityProcessor as its processor. If the subsequent parse includes some unclosed tags,...

8.1CVSS7.6AI score0.0176EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.42 views

Fedora 31 : expat (2019-613edfe68b)

This update of expat fixes the following security issue : - CVE-2019-15903 -- Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where XMLStopParser did not hav...

7.5CVSS7.4AI score0.06707EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/09/25 12:0 a.m.41 views

Fedora 30 : expat (2019-9505c6b555)

This update of expat fixes the following security issue : - CVE-2019-15903 -- Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where XMLStopParser did not hav...

7.5CVSS7.4AI score0.06707EPSS
Exploits1References2
FreeBSD
FreeBSD
added 2019/09/13 12:0 a.m.14 views

expat2 -- Fix extraction of namespace prefixes from XML names

expat project reports: Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype...

2.2AI score
Exploits0References1
Rows per page
Query Builder