Libexpat Security Vulnerabilities and Issues — Libexpat CVE List

Lucene search

Libexpat ProjectLibexpat

6 matches found

CVE•added 2022/09/14 11:15 a.m.•401 views

CVE-2022-40674

libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

8.1CVSS8.3AI score0.00625EPSS

CVE•added 2022/01/10 2:12 p.m.•242 views

CVE-2022-22825

lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

8.8CVSS9.2AI score0.00206EPSS

CVE•added 2022/01/06 4:15 a.m.•239 views

CVE-2021-46143

In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.

8.1CVSS8.9AI score0.04193EPSS

CVE•added 2022/01/10 2:12 p.m.•234 views

CVE-2022-22826

nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

8.8CVSS9.2AI score0.00206EPSS

CVE•added 2022/01/10 2:12 p.m.•233 views

CVE-2022-22827

storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

8.8CVSS9.2AI score0.00279EPSS

CVE•added 2016/06/30 5:59 p.m.•189 views

CVE-2016-4472

The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and...

8.1CVSS8.9AI score0.05699EPSS