19 matches found
EUVD-2026-23276
libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document...
Certain HP LaserJet Enterprise and HP LaserJet Managed Printers – Potential Denial of Service & Potential Buffer Overflow
Certain HP LaserJet Enterprise and HP LaserJet Managed Printers may experience a potential buffer overflow and potential denial of service when utilizing the open-source libexpat XML parsing library within their firmware stacks. Update your printer firmware...
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the doContent function in xmlparse.c. An attacker can cause memory corruption or potentially execute arbitrary code by providing specially crafted input that triggers an integer overflow. Remediation...
CVE-2026-25210
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...
EUVD-2024-54057
Malicious code in bioql PyPI...
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2025-2156)
The remote host is missing an update for the Huawei EulerOS...
K000151869: libexpat vulnerability CVE-2024-8176
Security Advisory Description: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stac...
Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a stack overflow vulnerability in libexpat library [CVE-2024-8176]
Summary: IBM Watson Speech Services Cartridge is vulnerable to a stack overflow vulnerability in libexpat library, due to the way it handles recursive entity expansion in XML documents (CVE-2024-8176). The libexpat library is used as part of our speech utilities. This vulnerability has been...
EulerOS 2.0 SP11 : expat (EulerOS-SA-2025-1652)
According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an...
Alibaba Cloud Linux 3 : 0056: expat (ALINUX3-SA-2025:0056)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0056 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-8176: A stack overflow vulnerability exist...
Alibaba Cloud Linux 3 : 0057: xmlrpc-c (ALINUX3-SA-2025:0057)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0057 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-8176: A stack overflow vulnerability exist...
libexpat library is vulnerable to DoS attacks through stack overflow
Overview: A stack overflow vulnerability has been discovered within the libexpat open source library. When parsing XML documents with deeply nested entity references, libexpat can recurse indefinitely. This can result in exhaustion of stack space and a crash. An attacker can weaponize this to eith...
CVE-2024-8176
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
CVE-2024-8176
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
CVE-2024-8176
CVE-2024-8176 describes a stack overflow in the libexpat XML parser caused by recursive entity expansion on deeply nested XML references. This can lead to DoS and, in some environments, memory corruption. Public details in the provided documents confirm affected component (libexpat) and the root ...
CVE-2024-8176
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
CVE-2024-8176
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
CVE-2024-8176
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash...
expat: improper restriction of xml entity expansion depth
[email protected] reports: A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack...