Lucene search
K

49 matches found

CVE
CVE
added 2024/03/10 12:0 a.m.8333 views

CVE-2024-28757

The CVE-2024-28757 entry concerns libexpat up to version 2.6.1, where XML External Entity (XXE) processing can be triggered when isolated external parsers are used (XML_ExternalEntityParserCreate). The impact is denial of service or resource exhaustion (availability impact: HIGH) with CVSS v3.1 b...

7.5CVSS7.4AI score0.02006EPSS
CVE
CVE
added 2019/09/04 5:59 a.m.806 views

CVE-2019-15903

CVE-2019-15903 is a libexpat/libxml2 (Expat) issue present in libexpat prior to 2.2.8. Crafted XML input could cause the parser to switch from DTD parsing to document parsing too early, and a subsequent call to XML_GetCurrentLineNumber/XML_GetCurrentColumnNumber could trigger a heap-based buffer ...

7.5CVSS8.2AI score0.06643EPSS
CVE
CVE
added 2022/02/16 12:40 a.m.710 views

CVE-2022-25235

CVE-2022-25235: In Expat (libexpat) xmltok_impl.c, there is insufficient validation of encoding (e.g., UTF-8 validity in certain contexts) prior to version 2.4.5. PUBLICLY documented impact is high/critical: CVSS 3.1 vector shows NETWORK attack, U/N UI, with C/H/I/H and a base score of 9.8. The c...

9.8CVSS9.6AI score0.04955EPSS
CVE
CVE
added 2014/01/21 6:0 p.m.676 views

CVE-2013-0340

CVE-2013-0340 concerns the expat XML parser. The issue arises from improper handling of XML entity expansion (XXE) unless an application enables XML_SetEntityDeclHandler. This can allow a remote attacker to cause denial of service (resource consumption), trigger requests to intranet endpoints, or...

6.8CVSS7.4AI score0.19433EPSS
CVE
CVE
added 2022/02/16 12:39 a.m.597 views

CVE-2022-25236

CVE-2022-25236 (Expat/libexpat) affects Expat before 2.4.5, where attackers can insert namespace-separator characters into namespace URIs in xmlparse.c. The issue can enable attacker-controlled input to trigger a denial of service or, in certain contexts (e.g., misuse of xmlns[:prefix] attribute ...

9.8CVSS9.5AI score0.34174EPSS
CVE
CVE
added 2022/02/18 4:24 a.m.541 views

CVE-2022-25315

CVE-2022-25315 affects libexpat (Expat) with an integer overflow in storeRawNames in versions before 2.4.5. Public sources (e.g., AlmaLinux ALAS2-2022-1779, AlmaLinux ALSA-2022-7811, CentOS/Red Hat advisories) indicate the issue has been addressed in later expat releases (upgrades to 2.4.5+; 2.4....

9.8CVSS9.8AI score0.04781EPSS
CVE
CVE
added 2019/06/24 4:6 p.m.521 views

CVE-2018-20843

The CVE-2018-20843 issue affects libexpat (Expat) prior to 2.2.7, where XML inputs with many colons can cause high RAM/CPU usage and enable DoS. Related CVE-2019-15903 describes a heap-based buffer over-read when crafted XML triggers early parsing state switches. Public advisories confirm that an...

7.8CVSS7.5AI score0.07107EPSS
CVE
CVE
added 2022/09/14 12:0 a.m.495 views

CVE-2022-40674

CVE-2022-40674 affects libexpat (expat) prior to 2.4.9, with a use-after-free in the doContent function of xmlparse.c. The connected advisories confirm this weakness can lead to denial of service or potentially arbitrary code execution via memory corruption, depending on how the parser handles in...

8.1CVSS8.3AI score0.01659EPSS
CVE
CVE
added 2022/01/24 1:6 a.m.486 views

CVE-2022-23852

Expat (libexpat) contains a signed integer overflow in XML_GetBuffer when XML_CONTEXT_BYTES is nonzero (CVE-2022-23852). IV was observed in multiple advisories and bulletins; the issue can lead to arbitrary code execution or crash if exploited. A fix exists in expat 2.4.4 and later; affected dist...

9.8CVSS9.6AI score0.04525EPSS
CVE
CVE
added 2022/01/26 6:2 p.m.446 views

CVE-2022-23990

CVE-2022-23990 affects Expat (libexpat) before 2.4.4. The issue is an integer overflow in doProlog, leading to denial of service and potential exploitation. Advisories from AlmaLinux and Amazon Linux indicate remediation via upgrading expat to a fixed version (e.g., Expats newer than 2.4.4; ALAS ...

7.5CVSS8.7AI score0.03992EPSS
CVE
CVE
added 2022/01/08 2:57 a.m.413 views

CVE-2022-22822

CVE-2022-22822 affects Expat (libexpat) prior to 2.4.3, where addBinding in xmlparse.c can overflow an integer and enable remote code execution or other impact as described in published advisories. The vulnerability is tied to an integer overflow in xmlparse.c (addBinding), with CVSS-derived seve...

9.8CVSS9.5AI score0.04829EPSS
CVE
CVE
added 2016/05/26 4:0 p.m.410 views

CVE-2016-0718

CVE-2016-0718 is evidenced in connected Apple documents as part of the Expat (libexpat) updates applied to OS X El Capitan and iTunes-related components. The Expat/libexpat entry notes that processing XML can trigger vulnerabilities in affected builds, with CVE-2016-0718 specifically associated w...

9.8CVSS8.7AI score0.13335EPSS
CVE
CVE
added 2024/10/27 12:0 a.m.367 views

CVE-2024-50602

CVE-2024-50602 affects libexpat prior to 2.6.4. There is a crash in XML_ResumeParser when XML_StopParser can stop/suspend an unstarted parser. Affected: expat library used by various products; root cause is improper handling of parser state. Impact is a crash (DoS potential) as described in linke...

5.9CVSS7.1AI score0.0104EPSS
CVE
CVE
added 2022/01/01 6:47 p.m.350 views

CVE-2021-45960

CVE-2021-45960 (Expat/libexpat) is corroborated by connected advisories describing a left shift (29 or more) in storeAtts() of xmlparse.c that can trigger realloc misbehavior, potentially leading to allocation errors or memory mismanagement in Expat before 2.4.3. The CVE is repeatedly listed acro...

9CVSS9.1AI score0.042EPSS
CVE
CVE
added 2022/02/18 4:25 a.m.336 views

CVE-2022-25314

CVE-2022-25314 affects Expat (libexpat) and is caused by an integer overflow in copyString() in xmlparse.c. The issue can enable arbitrary code execution or crash the process when processing crafted input. Public advisories and bulletins from AlmaLinux, AlmaLinux 9/8, Astra Linux, Cloud Foundry, ...

7.5CVSS8.8AI score0.04654EPSS
CVE
CVE
added 2022/01/08 2:57 a.m.332 views

CVE-2022-22823

CVE-2022-22823 affects Expat (libexpat) with an integer overflow in build_model() in xmlparse.c, vulnerable prior to 2.4.3. The CVE is corroborated by multiple sources (e.g., ALAS2-2022-1809, ALSA-2022-7692) and Cloud Foundry USN references, all indicating Expat pre-2.4.3 contains the overflow is...

9.8CVSS9.5AI score0.03376EPSS
CVE
CVE
added 2022/01/08 2:56 a.m.329 views

CVE-2022-22824

CVE-2022-22824 affects Expat (libexpat) with an integer overflow in defineAttribute() within xmlparse.c for versions before 2.4.3. The issue is confirmed by connected documents listing multiple Expat CVEs (e.g., CVE-2021-46143, CVE-2022-22822–22827) and advisories referencing 2.4.3 as the fix ver...

9.8CVSS9.5AI score0.03376EPSS
CVE
CVE
added 2022/01/08 2:56 a.m.295 views

CVE-2022-22827

CVE-2022-22827 affects Expat (libexpat) stored in xmlparse.c: storeAtts has an integer overflow in versions before 2.4.3. The vulnerability can be triggered by processing crafted XML content and, as described in the advisories, may lead to crashes or arbitrary code execution in some contexts. Aff...

8.8CVSS9.2AI score0.02778EPSS
CVE
CVE
added 2022/01/08 2:56 a.m.293 views

CVE-2022-22825

CVE-2022-22825 refers to an integer overflow in Expat (libexpat) within xmlparse.c (lookup function) present in versions before 2.4.3. The vulnerability is a code execution/impact class due to heap memory mismanagement from the overflow, with CVSS v3.1 base score 8.8 (high) and network/remote exp...

8.8CVSS9.2AI score0.02614EPSS
CVE
CVE
added 2012/07/03 7:0 p.m.291 views

CVE-2012-0876

The CVE-2012-0876 issue affects the Expat XML parser (xmlparse.c) prior to version 2.1.0, where hash initialization is not salted to prevent hash collisions. This enables context-dependent attackers to trigger collision-based DoS via XML files with many identical identifiers. References and downs...

4.3CVSS7.4AI score0.05724EPSS
CVE
CVE
added 2022/01/06 3:48 a.m.290 views

CVE-2021-46143

CVE-2021-46143 affects libexpat (Expat) in doProlog (xmlparse.c) with an integer overflow on m_groupSize prior to 2.4.3. The linked advisories and databases confirm related Expat overflow issues (and other overflow variants such as addBinding, build_model, defineAttribute, lookup, nextScaffoldPar...

8.1CVSS8.9AI score0.03759EPSS
CVE
CVE
added 2022/01/08 2:56 a.m.285 views

CVE-2022-22826

CVE-2022-22826 is an integer overflow in the Expat (libexpat) XML parser, specifically in nextScaffoldPart of xmlparse.c, affecting versions before 2.4.3. The initial CVE description confirms the overflow, and connected advisories/patch notes (e.g., AlmaLinux ALAS-2022-1603/7692, CESA-2022:1069) ...

8.8CVSS9.2AI score0.02778EPSS
CVE
CVE
added 2022/02/18 4:23 a.m.282 views

CVE-2022-25313

CVE-2022-25313 concerns the Expat/libexpat XML parser. The vulnerability arises from a stack-exhaustion condition triggered by a large nesting depth in the DTD element during build_model processing, allowing an attacker to cause a denial of service. Public advisories in connected docs confirm Exp...

6.5CVSS7.9AI score0.03268EPSS
CVE
CVE
added 2024/08/30 12:0 a.m.235 views

CVE-2024-45491

CVE-2024-45491 affects libexpat prior to 2.6.3. Root cause: integer overflow in nDefaultAtts within xmlparse.c on 32-bit platforms, potentially enabling memory corruption or code execution. Public details confirm exposure is tied to libexpat, with Debian/ALMA advisories indicating DoS/code exec r...

9.8CVSS7.3AI score0.0113EPSS
CVE
CVE
added 2024/08/30 12:0 a.m.228 views

CVE-2024-45490

CVE-2024-45490 affects libexpat before 2.6.3, where xmlparse.c fails to reject a negative length for XML_ParseBuffer. The issue has been documented across multiple advisories (including ALAS/ALAS2 entries and Apple security content) as enabling a remote attacker to potentially cause an unexpected...

9.8CVSS7AI score0.01686EPSS
CVE
CVE
added 2024/08/30 12:0 a.m.216 views

CVE-2024-45492

CVE-2024-45492 affects libexpat. Affected: expat library versions older than 2.6.3; vulnerability arises from an integer overflow in nextScaffoldPart() in xmlparse.c on 32-bit platforms, potentially enabling arbitrary code execution. Public advisories (CBL-Mariner, Debian DLA-3893-1, ALSA advisor...

9.8CVSS7.3AI score0.01393EPSS
CVE
CVE
added 2026/01/23 7:46 a.m.187 views

CVE-2026-24515

In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data. This vulnerability (CVE-2026-24515) is reflected across multiple advisories/plugins; remediation is to update expat to a version 2.7.4 or newer where the issue is fixed.

2.9CVSS5.4AI score0.0017EPSS
CVE
CVE
added 2016/06/16 6:0 p.m.184 views

CVE-2012-6702

CVE-2012-6702 affects the Expat XML parser. Root cause: Expat may call srand or be used with a non-zero seed in XML_SetHashSalt, weakening cryptographic protections. Impact: context-dependent attackers could defeat cryptographic protections via srand-based vectors. No explicit fix in the provided...

5.9CVSS6.2AI score0.02371EPSS
CVE
CVE
added 2016/06/16 6:0 p.m.172 views

CVE-2016-5300

Expat CVE-2016-5300 is a denial-of-service vulnerability in the Expat XML parser caused by insufficient entropy used for hash initialization. The issue allows context-dependent attackers to cause CPU exhaustion via crafted identifiers in XML documents. Connected material confirms this as an Expat...

7.8CVSS7.7AI score0.06539EPSS
CVE
CVE
added 2026/05/10 6:36 a.m.149 views

CVE-2026-45186

CVE-2026-45186 affects libexpat prior to 2.8.1, where the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input. The NVD entry reports a high impact on availability (CVSS: 7.5) with network attack vector and no privileges. Pu...

7.5CVSS5.7AI score0.00428EPSS
CVE
CVE
added 2026/06/04 4:20 a.m.145 views

CVE-2026-50219

libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_ParserReset from within handlers in cases of a policy violation, causing a use-after-free. Affected: libexpat prior to 2.8.2. Impact is described as a MEDIUM-seve...

5.9CVSS5.8AI score0.00218EPSS
CVE
CVE
added 2025/09/15 12:0 a.m.130 views

CVE-2025-59375

Summary: CVE-2025-59375 affects libexpat in Expat before 2.7.2. A small XML document can trigger large dynamic memory allocations, per multiple security advisories. Affected software: libexpat (Expat) prior to version 2.7.2. Impact (as stated): Attackers may cause large memory allocations; impact...

7.5CVSS6.4AI score0.01279EPSS
CVE
CVE
added 2026/06/21 3:49 p.m.69 views

CVE-2026-56407

CVE-2026-56407 affects libexpat prior to 2.8.2, with an integer overflow in doProlog related to storeEntityValue and entity textLen. The NVD entries confirm the issue and describe the vulnerability as an integer overflow in doProlog. The CVE entry indicates a medium base score (CVSS 3.1: AV=L, AC...

6.9CVSS5.9AI score0.00102EPSS
CVE
CVE
added 2026/06/19 3:0 a.m.52 views

CVE-2026-56132

CVE-2026-56132 affects libexpat prior to 2.8.2, where a heap-based buffer overflow occurs in doProlog within xmlparse.c due to mishandled reallocation of the scaffold backing array when data-structure sharing occurs across parsers. The CVSS metrics indicate a high impact on confidentiality and in...

6.9CVSS5.6AI score0.00088EPSS
CVE
CVE
added 2026/03/16 6:54 a.m.48 views

CVE-2026-32776

libexpat prior to 2.7.5 contains a NULL pointer dereference in the handling of empty external parameter entity content during XML parsing. Affected component: expat XML parser in versions before 2.7.5. Root cause: NULL pointer dereference inside external parameter entity processing. Impact per CV...

5.5CVSS5.8AI score0.00144EPSS
CVE
CVE
added 2026/06/19 2:56 a.m.46 views

CVE-2026-56131

CVE-2026-56131 affects libexpat prior to 2.8.2, where handler call depth tracking is missing for XML_ResumeParser calls made from within handlers during a policy violation. This leads to a use-after-free condition as described (similar to CVE-2026-50219). The Connected documents identify the affe...

4.9CVSS5.3AI score0.00102EPSS
CVE
CVE
added 2026/01/30 6:40 a.m.45 views

CVE-2026-25210

CVE-2026-25210 affects libexpat prior to 2.7.4, where doContent may miscompute bufSize due to missing integer overflow check during tag buffer reallocation. Multiple connected sources confirm the issue and reference a fix in updated expat releases; remediation is to update to a version including ...

7.8CVSS6AI score0.00193EPSS
CVE
CVE
added 2026/06/21 3:58 p.m.43 views

CVE-2026-56412

In the connected CVE data, libexpat before 2.8.2 is affected: the XML_TOK_DATA_CHARS handling in doCdataSection lacks proper handler call depth tracking, enabling a use-after-free under certain policy violations. This stems from an incomplete fix for CVE-2026-50219. CVSS indicates LOCAL attack ve...

5.9CVSS5.8AI score0.00105EPSS
CVE
CVE
added 2026/04/16 4:52 p.m.42 views

CVE-2026-41080

CVE-2026-41080 affects libexpat prior to 2.7.6, where insufficient entropy in the hash function allows hash flooding when processing crafted XML documents. The CVE is broadly referenced across OSV, Debian, Red Hat, and Ubuntu entries, with the core impact described as a potential DoS due to resou...

7.5CVSS5.1AI score0.00379EPSS
CVE
CVE
added 2026/06/21 3:56 p.m.32 views

CVE-2026-56411

CVE-2026-56411 affects libexpat’s xmlwf binary, with an integer overflow in endDoctypeDecl triggered by NOTATION declarations prior to version 2.8.2. The CVSS metrics indicate a Local attack vector, high confidentiality and integrity impact, and low availability impact, with no user interaction r...

6.9CVSS5.9AI score0.0011EPSS
CVE
CVE
added 2026/03/16 6:58 a.m.30 views

CVE-2026-32777

CVE-2026-32777 affects libexpat prior to 2.7.5, where parsing DTD content can trigger an infinite loop. This behavior can cause a denial of service if a system processes crafted DTDs. The available connected documents confirm the issue and its relation to libexpat’s DTD parsing loop, with no expl...

5.5CVSS5.8AI score0.00216EPSS
CVE
CVE
added 2026/06/21 3:51 p.m.29 views

CVE-2026-56408

Vulnerability: libexpat prior to 2.8.2 has an integer overflow in copyString. Root cause: integer overflow in the copyString function. Impact: confidentiality and integrity may be affected with a CVSSv3.1 base score 6.9 (Local attack, high complexity, no user interaction). Remediation: upgrade to...

6.9CVSS5.9AI score0.00102EPSS
CVE
CVE
added 2026/06/21 3:48 p.m.28 views

CVE-2026-56406

CVE-2026-56406 affects libexpat up to version 2.8.1; the root cause is an integer overflow in XML_ParseBuffer due to a missing check that XML_Parse had. The CVSSv3.1 vector indicates Local attack, high complexity, no privileges required, no user interaction, with Confidentiality and Integrity imp...

6.9CVSS5.9AI score0.00102EPSS
CVE
CVE
added 2026/03/16 7:2 a.m.27 views

CVE-2026-32778

CVE-2026-32778 affects libexpat prior to 2.7.5, where a NULL pointer dereference can occur in setContext on retry after an out-of-memory condition. The connected IBM AIX advisory and OS advisories confirm the issue and provide a patch path, indicating remediation is to upgrade/export to a version...

5.5CVSS5.8AI score0.00143EPSS
CVE
CVE
added 2026/06/21 3:55 p.m.25 views

CVE-2026-56410

The vulnerability CVE-2026-56410 affects xmlwf in libexpat prior to 2.8.2, due to an integer overflow in resolveSystemId. Impact is indicated as high for confidentiality and integrity, with low availability impact; attack vector is local and no user interaction is required. Remedy: upgrade to lib...

6.9CVSS5.9AI score0.0011EPSS
CVE
CVE
added 2026/06/21 3:43 p.m.24 views

CVE-2026-56403

CVE-2026-56403 affects libexpat prior to 2.8.2, with an integer overflow in storeAtts. Local attack vector, high complexity, no user interaction, requires no privileges. Impact: confidentiality and integrity likely high; availability low. Base score 6.9 (CVSS 3.1). No exploitation details or reme...

6.9CVSS5.9AI score0.00102EPSS
CVE
CVE
added 2026/06/21 3:45 p.m.23 views

CVE-2026-56404

CVE-2026-56404 affects libexpat before 2.8.2, where an integer overflow occurs in addBinding. This is the only detail provided; no exploitation or remediation information is included in the supplied documents.

6.9CVSS5.9AI score0.00102EPSS
CVE
CVE
added 2026/06/21 3:47 p.m.18 views

CVE-2026-56405

The connected sources specify a vulnerability in libexpat up to version 2.8.2, caused by an integer overflow in getAttributeId. The CVE entry lists this as CVE-2026-56405 with a CVSS v3.1 base score of 6.9 (Medium) and a Local attack vector, requiring high attack complexity, no privileges, and no...

6.9CVSS5.9AI score0.00102EPSS
CVE
CVE
added 2026/06/21 3:52 p.m.18 views

CVE-2026-56409

CVE-2026-56409 affects xmlwf in libexpat prior to 2.8.2. An integer overflow occurs in the output filename when -d outputDir is used. The CVSS 3.1 vector (LOCAL, HIGH complexity, NO privileges, user interaction required) indicates a local impact with confidentiality/ integrity impact HIGH and ava...

6.5CVSS5.9AI score0.00098EPSS