2703 matches found
[slackware-security] expat
New expat packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/expat-2.7.4-i586-1slack15.0.txz: Upgraded. This update fixes security issues: Function XMLExternalEntityParserCreate failed to copy the...
fast-xml-parser has RangeError DoS Numeric Entities Bug
Summary A RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points e.g., or . This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input. Details The...
@activepieces/piece-amazon-s3 (>=0.5.4 <=0.5.8), @activepieces/piece-amazon-ses (>=0.0.1 <=0.1.3) +997 more potentially affected by CVE-2026-25128 via fast-xml-parser (>=5.0.9 <=5.3.3)
fast-xml-parser NPM version =5.0.9, =0.5.4, =0.0.1, =13.1.4, =1.0.0, =1.9.12, =1.0.3, =1.1.31, =1.0.0, =1.7.16, =2.33.6, =1.4.37, =1.6.11, =1.6.22 and more Source cves: CVE-2026-25128 Source advisory: OSV:GHSA-37QJ-FRW5-HHJH...
GHSA-37QJ-FRW5-HHJH fast-xml-parser has RangeError DoS Numeric Entities Bug
Summary A RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-range entity code points e.g., or . This causes the parser to throw an uncaught exception, crashing any application that processes untrusted XML input. Details The...
Exploit for CVE-2025-15545
CVE-2025-15545 Information Vendor: TP-Link Vendor'...
CVE-2026-25128
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
UBUNTU-CVE-2026-25128
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
CVE-2026-25128
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
Uncaught Exception
Overview fast-xml-parser is a Validate XML, Parse XML, Build XML without C/C++ based libraries Affected versions of this package are vulnerable to Uncaught Exception in the numeric entity processing when parsing XML containing out-of-range entity code points. An attacker can cause the application...
@activepieces/piece-amazon-s3 (>=0.5.4 <=0.5.8), @activepieces/piece-amazon-ses (>=0.0.1 <=0.1.3) +997 more potentially affected by CVE-2026-25128 via fast-xml-parser (>=5.0.9 <=5.3.3)
fast-xml-parser NPM version =5.0.9, =0.5.4, =0.0.1, =13.1.4, =1.0.0, =1.9.12, =1.0.3, =1.1.31, =1.0.0, =1.7.16, =2.33.6, =1.4.37, =1.6.11, =1.6.22 and more Source cves: CVE-2026-25128 Source advisory: SNYK:JS-FASTXMLPARSER-15155603...
org.webjars.npm:bpmn-visualization (=0.47.0) potentially affected by CVE-2026-25128 via org.webjars.npm:fast-xml-parser (=5.2.5)
org.webjars.npm:fast-xml-parser MAVEN version =5.2.5 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:fast-xml-parser and may be impacted: - org.webjars.npm:bpmn-visualization =0.47.0 Source cves: CVE-2026-25128 Source advisory:...
Uncaught Exception
Overview org.webjars.npm:fast-xml-parser is a Validate XML, Parse XML, Build XML without C/C++ based libraries Affected versions of this package are vulnerable to Uncaught Exception in the numeric entity processing when parsing XML containing out-of-range entity code points. An attacker can cause...
CVE-2026-25128 fast-xml-parser has RangeError DoS Numeric Entities Bug
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
CVE-2026-25128 fast-xml-parser has RangeError DoS Numeric Entities Bug
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
CVE-2026-25128
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
EUVD-2026-5026
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 4.3.6 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
CVE-2026-25128
The CVE-2026-25128 issue affects the fast-xml-parser library (XMLParser) where numeric entity processing can trigger a RangeError when parsing out-of-range code points (e.g., � or �). The vulnerability exists in versions 4.3.6 through 5.3.3 and causes an uncaught exception, crashing applications ...
CVE-2026-25128
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
CVE-2026-25128 fast-xml-parser has RangeError DoS Numeric Entities Bug
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
PT-2026-5410
Name of the Vulnerable Software and Affected Versions fast-xml-parser versions 4.3.6 through 5.3.3 Description fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 4.3.6 through 5.3.3, a...