Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:45826
HistoryMar 11, 2024 - 7:18 a.m.

XML Entity Expansion

2024-03-1107:18:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
libexpat
xml entity expansion
input validation
external entities
software vulnerability

AI Score

6.7

Confidence

High

EPSS

0

Percentile

10.3%

libexpat is vulnerable to XML Entity Expansion. The vulnerability is caused due to insufficient input validation and handling of external entities in the XML parser. This allows an attacker to perform an XML Entity Expansion attack.

Affected configurations

Vulners
Node
veracodelibexpat.soRange1.9.01.9.0
OR
veracodeexpat\Matchsid2.4.1-2
OR
veracodeexpat\Matchsid2.2.10-1
OR
veracodeexpat\Matchedge2.4.8-r1
OR
veracodeexpat\Matchedge2.4.5-r0
OR
veracodeexpat\Matchedge2.5.0-r0
OR
veracodeexpat\Matchedge2.2.9-r1
OR
veracodeexpat\Matchedge2.6.0-r0
OR
veracodeexpat\Matchedge2.4.8-r0
OR
veracodeexpat\Matchedge2.2.10-r1
OR
veracodeexpat\Matchedge2.4.6-r0
OR
veracodeexpat\Matchedge2.3.0-r0
OR
veracodeexpat\Matchedge2.4.4-r0
OR
veracodeexpat\Matchedge2.4.7-r0
OR
veracodeexpat\Matchedge2.4.9-r0
OR
veracodeexpat\Matchedge2.4.3-r0
OR
veracodeexpat\Matchedge2.5.0-r2
OR
veracodeexpat\Matchedge2.5.0-r1
OR
veracodeexpat\Matchedge2.6.1-r0
OR
veracodeexpat\Matchedge2.4.1-r0
OR
veracodeexpat\Matchedge2.4.2-r0
OR
veracodeexpat\Match3.162.6.0-r0
OR
veracodeexpat\Match3.162.4.8-r0
OR
veracodeexpat\Match3.162.5.0-r0
OR
veracodeexpat\Match3.162.4.9-r0
OR
veracodeexpat\Match3.172.6.0-r0
OR
veracodeexpat\Match3.172.5.0-r0
OR
veracodeexpat\Match3.192.5.0-r2
OR
veracodeexpat\Match3.192.6.0-r0
OR
veracodeexpat\Match3.182.5.0-r1
OR
veracodeexpat\Match3.182.6.0-r0
OR
veracodelibexpat.soRange1.9.01.9.0
OR
veracodeexpat\Matchsid2.4.1-2
OR
veracodeexpat\Matchsid2.2.10-1
OR
veracodeexpat\Matchedge2.4.8-r1
OR
veracodeexpat\Matchedge2.4.5-r0
OR
veracodeexpat\Matchedge2.5.0-r0
OR
veracodeexpat\Matchedge2.2.9-r1
OR
veracodeexpat\Matchedge2.6.0-r0
OR
veracodeexpat\Matchedge2.4.8-r0
OR
veracodeexpat\Matchedge2.2.10-r1
OR
veracodeexpat\Matchedge2.4.6-r0
OR
veracodeexpat\Matchedge2.3.0-r0
OR
veracodeexpat\Matchedge2.4.4-r0
OR
veracodeexpat\Matchedge2.4.7-r0
OR
veracodeexpat\Matchedge2.4.9-r0
OR
veracodeexpat\Matchedge2.4.3-r0
OR
veracodeexpat\Matchedge2.5.0-r2
OR
veracodeexpat\Matchedge2.5.0-r1
OR
veracodeexpat\Matchedge2.6.1-r0
OR
veracodeexpat\Matchedge2.4.1-r0
OR
veracodeexpat\Matchedge2.4.2-r0
OR
veracodeexpat\Match3.162.6.0-r0
OR
veracodeexpat\Match3.162.4.8-r0
OR
veracodeexpat\Match3.162.5.0-r0
OR
veracodeexpat\Match3.162.4.9-r0
OR
veracodeexpat\Match3.172.6.0-r0
OR
veracodeexpat\Match3.172.5.0-r0
OR
veracodeexpat\Match3.192.5.0-r2
OR
veracodeexpat\Match3.192.6.0-r0
OR
veracodeexpat\Match3.182.5.0-r1
OR
veracodeexpat\Match3.182.6.0-r0
VendorProductVersionCPE
veracodelibexpat.so*cpe:2.3:a:veracode:libexpat.so:*:*:*:*:*:*:*:*
veracodeexpat\sidcpe:2.3:a:veracode:expat\:sid:2.4.1-2:*:*:*:*:*:*:*
veracodeexpat\sidcpe:2.3:a:veracode:expat\:sid:2.2.10-1:*:*:*:*:*:*:*
veracodeexpat\edgecpe:2.3:a:veracode:expat\:edge:2.4.8-r1:*:*:*:*:*:*:*
veracodeexpat\edgecpe:2.3:a:veracode:expat\:edge:2.4.5-r0:*:*:*:*:*:*:*
veracodeexpat\edgecpe:2.3:a:veracode:expat\:edge:2.5.0-r0:*:*:*:*:*:*:*
veracodeexpat\edgecpe:2.3:a:veracode:expat\:edge:2.2.9-r1:*:*:*:*:*:*:*
veracodeexpat\edgecpe:2.3:a:veracode:expat\:edge:2.6.0-r0:*:*:*:*:*:*:*
veracodeexpat\edgecpe:2.3:a:veracode:expat\:edge:2.4.8-r0:*:*:*:*:*:*:*
veracodeexpat\edgecpe:2.3:a:veracode:expat\:edge:2.2.10-r1:*:*:*:*:*:*:*
Rows per page:
1-10 of 311