SUSE-SU-2026:20481-1 Security update for expat

This update for expat fixes the following issues: - CVE-2026-24515: failure to copy the encoding handler data passed to XMLSetUnknownEncodingHandler may cause a NULL dereference bsc1257144. - CVE-2026-25210: lack of buffer size check can lead to an integer overflow bsc1257496...

CLSA-2026-1770647876 expat: Fix of CVE-2026-24515

CVE-2026-24515: make XMLExternalEntityParserCreate copy unknown encoding handler user data...

OESA-2026-1272 expat security update

expat is a stream-oriented XML parser library written in C. expat excels with files too large to fit RAM, and where performance and flexibility are crucial. Security Fixes: In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data.CVE-2026-24515...

SUSE CVE-2026-24515

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

CVE-2026-24515

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

ALPINE-CVE-2026-24515

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

CVE-2026-24515

In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data. This vulnerability (CVE-2026-24515) is reflected across multiple advisories/plugins; remediation is to update expat to a version 2.7.4 or newer where the issue is fixed.

CVE-2026-24515

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

PT-2026-4328

Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.7.4 Description The issue resides in the XML ExternalEntityParserCreate function. It does not properly copy user data for unknown encoding handlers, potentially leading to memory corruption. Reports indicate a...