28 matches found
JLSEC-2026-379
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
Advisory ROSA-SA-2026-3235
software: expat 2.7.4 OS: ROSA-CHROME unaffected versions = expat-2.7.4-1 affected versions expat-2.7.4-1 CVE-ID: CVE-2026-24515 BDU-ID: None CVE-Crit: LOW CVE-DESC.: In libexpat before 2.7.4, the XMLExternalEntityParserCreate function does not copy custom handler data of unknown encoding...
OPENSUSE-SU-2026:20306-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...
SUSE-SU-2026:20481-1 Security update for expat
This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...
expat: Fix of CVE-2026-24515
CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers...
CLSA-2026-1770735752 expat: Fix of CVE-2026-24515
CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers...
CLSA-2026-1770734875 expat: Fix of CVE-2026-24515
CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers...
CLSA-2026-1770734305 expat: Fix of CVE-2026-24515
CVE-2026-24515: Fix a null pointer dereference in the XML parser caused by the failure to copy user data for unknown encoding handlers...
CLSA-2026-1770648617 expat: Fix of CVE-2026-24515
CVE-2026-24515: make XMLExternalEntityParserCreate copy unknown encoding handler user data...
CLSA-2026-1770648267 expat: Fix of CVE-2026-24515
CVE-2026-24515: make XMLExternalEntityParserCreate copy unknown encoding handler user data...
CLSA-2026-1770647876 expat: Fix of CVE-2026-24515
CVE-2026-24515: make XMLExternalEntityParserCreate copy unknown encoding handler user data...
Updated expat packages fix security vulnerabilities
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data. CVE-2026-24515 In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...
OESA-2026-1274 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515...
OESA-2026-1272 expat security update
expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515...
SUSE CVE-2026-24515
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
CVE-2026-24515
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
ALPINE-CVE-2026-24515
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
CVE-2026-24515
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
AZL-75102 CVE-2026-24515 affecting package expat for versions less than 2.6.4-4
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...
UBUNTU-CVE-2026-24515
In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...