33 matches found
CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId...
CVE-2026-56409
CVE-2026-56409 affects xmlwf in libexpat prior to 2.8.2. An integer overflow occurs in the output filename when -d outputDir is used. The CVSS 3.1 vector (LOCAL, HIGH complexity, NO privileges, user interaction required) indicates a local impact with confidentiality/ integrity impact HIGH and ava...
CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used...
PT-2026-51246
Name of the Vulnerable Software and Affected Versions libexpat versions prior to 2.8.2 Description The xmlwf component contains an integer overflow in the resolveSystemId function. An integer overflow occurs when an arithmetic operation results in a value that exceeds the maximum size of the...
Linux Distros Unpatched Vulnerability : CVE-2026-56411
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. CVE-2026-56411 Note that Nessus relies on the presence of th...
Linux Distros Unpatched Vulnerability : CVE-2026-56410
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId. CVE-2026-56410 Note that Nessus relies on the presence of the package as reported by...
Linux Distros Unpatched Vulnerability : CVE-2026-56409
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used. CVE-2026-56409 Note that Nessus relies on the presence...
Fedora 31 : expat (2019-613edfe68b)
This update of expat fixes the following security issue : - CVE-2019-15903 -- Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where XMLStopParser did not hav...
Fedora 29 : expat (2019-672ae0f060)
This update of expat fixes the following security issue : - CVE-2019-15903 -- Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where XMLStopParser did not hav...
Fedora 30 : expat (2019-9505c6b555)
This update of expat fixes the following security issue : - CVE-2019-15903 -- Fix heap overflow triggered by XMLGetCurrentLineNumber or XMLGetCurrentColumnNumber, and deny internal entities closing the doctype The following bug fixes are also included : - Fix cases where XMLStopParser did not hav...
Debian Security Advisory DSA 3582-1 (expat - security update)
Gustavo Grieco discovered that Expat, an XML parsing C library, does not properly handle certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. A remote attacker can take advantage of this flaw to cause an application using the Expat libra...