Libexpat Security Vulnerabilities and Issues — Libexpat CVE List

Lucene search

Libexpat ProjectLibexpat

10 matches found

CVE•added 2024/03/10 5:15 a.m.•8282 views

CVE-2024-28757

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

7.5CVSS7.4AI score0.00487EPSS

CVE•added 2019/09/04 6:15 a.m.•722 views

CVE-2019-15903

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

7.5CVSS8.2AI score0.00283EPSS

CVE•added 2019/06/24 5:15 p.m.•463 views

CVE-2018-20843

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

7.8CVSS7.5AI score0.00766EPSS

CVE•added 2022/10/24 2:15 p.m.•403 views

CVE-2022-43680

In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

7.5CVSS7.7AI score0.00244EPSS

CVE•added 2022/01/26 7:15 p.m.•356 views

CVE-2022-23990

Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

7.5CVSS8.7AI score0.03519EPSS

CVE•added 2022/02/18 5:15 a.m.•269 views

CVE-2022-25314

In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.

7.5CVSS8.8AI score0.00341EPSS

CVE•added 2017/07/25 8:29 p.m.•234 views

CVE-2017-9233

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.

7.5CVSS8.4AI score0.00439EPSS

CVE•added 2024/02/04 8:15 p.m.•173 views

CVE-2023-52425

libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.

7.5CVSS7.5AI score0.0061EPSS

CVE•added 2016/06/16 6:59 p.m.•150 views

CVE-2016-5300

The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.

7.8CVSS7.7AI score0.00505EPSS

CVE•added 2017/07/30 2:29 p.m.•48 views

CVE-2017-11742

The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.

7.8CVSS7.6AI score0.00019EPSS