Astra Linux - уязвимость в firefox, thunderbird, expat, libxmltok

In doProlog, within xmlparse.c of the Expat library also known as libexpat, there is an integer overflow issue related to mgroupSize before version 2.4.3...

Unity Linux 20.1060e / 20.1070e Security Update: expat (UTSA-2026-017360)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017360 advisory. In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. Tenable has extracted the preceding description block direct...

Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2021-46143)

In doProlog in xmlparse.c in Expat aka libexpat before 2.4.3, an integer overflow exists for mgroupSize. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description...

JLSEC-2025-64 An issue was discovered in libexpat before 2.6.3

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

EUVD-2021-32843

Malicious code in bioql PyPI...

libexpat: integer overflow

A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

...

Integer Overflow

libexpat.so is vulnerable to Integer Overflow. The vulnerability is caused due to a defect in function nextScaffoldPart within xmlparse.c. This can lead to an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

SUSE CVE-2024-45492

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

AZL-48466 CVE-2024-45492 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

DEBIAN-CVE-2024-45492

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

ALPINE-CVE-2024-45492

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

AZL-48394 CVE-2024-45492 affecting package expat for versions less than 2.6.3-1

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX...

libexpat 输入验证错误漏洞

libexpat is a streaming XML parser written in C by the libexpat team. An input validation error vulnerability exists in libexpat versions prior to 2.6.3, which stems from nextScaffoldPart in xmlparse.c on 32-bit platforms and may result in an mgroupSize integer overflow...

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3 an integer overflow exists for m_groupSize.

...

Expat 输入验证错误漏洞

Expat is a fast streaming XML parser written in C. Expat is vulnerable in versions prior to 2.4.3. The vulnerability stems from mgroupSize in Expat's xmlparse.c that does not properly validate data boundaries when performing operations on memory, resulting in incorrect read and write operations...