expat: Large number of prefixed XML attributes on a single tag can crash libexpat

expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag can libexpat can terminate unexpectedly due to buffer overrun. The highest threat from this vulnerability is to availability...

Amazon Linux 2 : firefox (ALASFIREFOX-2025-037)

The version of firefox installed on the remote host is prior to 128.9.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2025-037 advisory. An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because...

Medium: thunderbird

Issue Overview: There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression i.e. if using JxlEncoderAddJPEGFrame on untrusted input does not properly check bounds i...

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

...

CVE-2024-50602

An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because XMLStopParser can stop/suspend an unstarted parser...