
13 matches found

OSV
added 2025/02/03 8:54 a.m., 6 views

SUSE-SU-2025:20045-1 Security update for expat

This update for expat fixes the following issues: - CVE-2024-45492: detect integer overflow in function nextScaffoldPart bsc1229932 - CVE-2024-45491: detect integer overflow in dtdCopy bsc1229931 - CVE-2024-45490: reject negative len for XML_ParseBuffer bsc1229930 - CVE-2024-28757: XML Entity...

CVSS 9.8, AI score 6.9, EPSS 0.02006
Exploits 1, References 9
SUSE Linux
added 2025/02/03 8:54 a.m., 5 views

Security update for expat

This update for expat fixes the following issues: CVE-2024-45492: detect integer overflow in function nextScaffoldPart bsc1229932 CVE-2024-45491: detect integer overflow in dtdCopy bsc1229931 CVE-2024-45490: reject negative len for XML_ParseBuffer bsc1229930 CVE-2024-28757: XML Entity Expansion...

CVSS 7.5, AI score 7.6, EPSS 0.02006
Exploits 1, References 16
SUSE Linux
added 2024/10/07 12:16 p.m., 4 views

Security update for mozjs115

This update for mozjs115 fixes the following issues: CVE-2024-45490: Fixed negative len for XML_ParseBuffer in embedded expat bnc1230036 CVE-2024-45491: Fixed integer overflow in dtdCopy in embedded expat bnc1230037 CVE-2024-45492: Fixed integer overflow in function nextScaffoldPart in embedded...

CVSS 6.9, AI score 8, EPSS 0.01686
Exploits 0, References 12
BDU FSTEC
added 2024/09/23 12:0 a.m., 7 views

Vulnerability of the nextScaffoldPart() function (xmlparse.c) in the libexpat XML parsing library, which allows an attacker to cause a service failure or execute arbitrary code.

The vulnerability of the nextScaffoldPart function in the libexpat XML parsing library is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause service failures or execute arbitrary code...

CVSS 10, AI score 7.6, EPSS 0.01393
Exploits 0, References 12, Affected Software 7
OSV
added 2024/09/17 9:29 p.m., 5 views

CLSA-2024-1726608591 expat: Fix of 3 CVEs

CVE-2024-45490: Reject negative length for XML_ParseBuffer in xmlparse.c - CVE-2024-45491: Detect integer overflow in dtdCopy on 32-bit platforms - CVE-2024-45492: Detect integer overflow in nextScaffoldPart on 32-bit platforms...

CVSS 9.8, AI score 7.2, EPSS 0.01686
Exploits 0, References 1
OSV
added 2024/09/17 9:20 p.m., 4 views

CLSA-2024-1726608017 Fix CVE(s): CVE-2024-45491, CVE-2024-45492

SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45491.patch: fix dtdCopy in xmlparse.c - CVE-2024-45491 SECURITY UPDATE: Avoid integer overflow on 32 bits systems - debian/patches/CVE-2024-45492.patch: fix nextScaffoldPart in xmlparse.c - CVE-2024-45492...

CVSS 9.8, AI score 7.2, EPSS 0.01393
Exploits 0, References 1
OSV
added 2024/09/14 11:9 a.m., 4 views

OESA-2024-2121 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on...

CVSS 9.8, AI score 7.4, EPSS 0.01393
Exploits 0, References 3
OSV
added 2024/09/12 5:46 p.m., 6 views

CLSA-2024-1726163202 expat: Fix of 3 CVEs

The release version was raised because it corresponds to version 13 - CVE-2024-45490: reject negative len for XML_ParseBuffer to prevent improper restriction of XML External Entity Reference - CVE-2024-45491: prevent integer overflow in dtdCopy - CVE-2024-45492: prevent integer overflow in...

CVSS 9.8, AI score 7.2, EPSS 0.01686
Exploits 0, References 1
SUSE CVE
added 2024/08/30 10:4 a.m., 4 views

SUSE CVE-2024-45492

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX...

CVSS 6.2, AI score 7.3, EPSS 0.01393
Exploits 0, References 20
OSV
added 2024/08/30 3:15 a.m., 2 views

UBUNTU-CVE-2024-45492

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms where UINT_MAX equals SIZE_MAX...

CVSS 9.8, AI score 7, EPSS 0.01393
Exploits 0, References 6
RedHat Linux
added 2022/11/08 10:1 a.m., 7 views

expat: Integer overflow in nextScaffoldPart in xmlparse.c

expat (libexpat) is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML attributes on a single tag, libexpat can terminate unexpectedly due to integer overflow. The highest threat from this vulnerability is to availability,...

CVSS 8.8, AI score 7.5, EPSS 0.02778
Exploits 0, References 5
OSV
added 2022/08/17 6:50 p.m., 10 views

CLSA-2022-1660762248 Fixed 13 CVEs in expat

CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames - CVE-2022-22822: Fix integer overflow in addBinding -...

CVSS 9.8, AI score 7.2, EPSS 0.34174
Exploits 3, References 1
OSV
added 2022/08/17 5:26 p.m., 11 views

CLSA-2022-1660757175 Fixed 15 CVEs in expat

CVE-2022-25236: Fix insertion of namespace-separator characters into namespace URIs - CVE-2022-25235: Fix malformed UTF-8 sequences which can lead to arbitrary code execution - CVE-2022-25315: Fix integer overflow in storeRawNames - CVE-2022-22822: Fix integer overflow in addBinding -...

CVSS 9.8, AI score 7.2, EPSS 0.34174
Exploits 3, References 1