Astra Linux - уязвимость в expat, firefox, thunderbird

In libexpat before version 2.7.4, the doContent function does not properly determine the buffer size bufSize, as there is no check for integer overflow during the reallocation of the tag buffer...

JLSEC-2026-380

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

CLSA-2026-1774283473 Fix CVE(s): CVE-2026-25210

SECURITY UPDATE: Improve determination of buffer size bufSize in function doContent - debian/patches/CVE-2026-25210.patch: fix integer overflow in doContent tag buffer reallocation - CVE-2026-25210...

CLSA-2026-1774021165 expat: Fix of CVE-2026-25210

CVE-2026-25210: fix memory corruption via integer overflow in doContent function during tag buffer reallocation...

expat: Fix of CVE-2026-25210

CVE-2026-25210: fix memory corruption via integer overflow in doContent function during tag buffer reallocation...

CLSA-2026-1774009875 Fix CVE(s): CVE-2026-25210

SECURITY UPDATE: integer overflow in doContent tag buffer reallocation. - debian/patches/CVE-2026-25210.patch: add overflow check for tag buffer reallocation - CVE-2026-25210...

Unity Linux 20.1070e Security Update: expat (UTSA-2026-006164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006164 advisory. In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer...

Medium: expat

Issue Overview: In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation. CVE-2026-25210 Affected Packages: expat Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

OESA-2026-1298 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no...

ALPINE-CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

CVE-2026-25210

CVE-2026-25210 affects libexpat prior to 2.7.4, where doContent may miscompute bufSize due to missing integer overflow check during tag buffer reallocation. Multiple connected sources confirm the issue and reference a fix in updated expat releases; remediation is to update to a version including ...

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...