Denial Of Service (DOS)

🗓️ 02 Sep 2024 14:22:12Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 11 Views

libexpat.so has a Denial Of Service vulnerability in xmlparse.c due to negative length handling.

Reporter	Title	Published	Views	Family All 326
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities have been identified in IBM Db2 shipped with IBM WebSphere Remote Server	7 Aug 202515:41	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in libexpat affects IBM Cloud Pak System[CVE-2024-45490]	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: There are multiple vulnerabilities in IBM DB2 bundled with IBM Application Performance Management products.	8 Aug 202509:58	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	4 Dec 202410:17	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in libexpat affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component.	12 Mar 202517:39	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data v5.0.3 is vulnerable to multiple Base OS issues	15 Apr 202503:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Manager IP Edition (ITNM).	29 Jan 202504:50	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is affected by multiple vulnerabilities due to Python	5 Nov 202422:07	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in libexpat affects IBM watsonx Assistant for IBM Cloud Pak for Data	5 Feb 202520:28	–	ibm

Vulners

Node

libexpat expatMatch2.3.0-r0cpp

AND

libexpat expatMatch2.4.6-r0cpp

AND

libexpat expatMatch2.4.9-r0cpp

AND

libexpat expatMatch2.4.1-r0cpp

AND

libexpat expatMatch2.4.5-r0cpp

AND

libexpat expatMatch2.5.0-r1cpp

AND

libexpat expatMatch2.4.3-r0cpp

AND

libexpat expatMatch2.2.9-r1cpp

AND

libexpat expatMatch2.6.1-r0cpp

AND

libexpat expatMatch2.5.0-r0cpp

AND

libexpat expatMatch2.5.0-r2cpp

AND

libexpat expatMatch2.4.8-r1cpp

AND

libexpat expatMatch2.4.8-r0cpp

AND

libexpat expatMatch2.6.0-r0cpp

AND

libexpat expatMatch2.2.10-r1cpp

AND

libexpat expatMatch2.6.2-r0cpp

AND

libexpat expatMatch2.4.2-r0cpp

AND

libexpat expatMatch2.4.4-r0cpp

AND

libexpat expatMatch2.4.7-r0cpp

AND

alpinelinux alpine_linuxMatchedge

libexpat expatMatch2.6.2-r0cpp

AND

libexpat expatMatch2.6.0-r0cpp

AND

libexpat expatMatch2.5.0-r0cpp

AND

alpinelinux alpine_linuxMatch3.17

libexpat expatMatch2.6.2-r0cpp

AND

alpinelinux alpine_linuxMatch3.20

libexpat expatMatch2.6.2-r0cpp

AND

libexpat expatMatch2.5.0-r2cpp

AND

libexpat expatMatch2.6.0-r0cpp

AND

alpinelinux alpine_linuxMatch3.19

libexpat expatMatch2.6.2-r0cpp

AND

libexpat expatMatch2.5.0-r1cpp

AND

libexpat expatMatch2.6.0-r0cpp

AND

alpinelinux alpine_linuxMatch3.18

libexpat expatMatch2.2.10-1debian

AND

libexpat expatMatch2.4.1-2debian

AND

debian debian_linuxMatch999

libexpat expatMatch2.2.10-1debian

AND

debian debian_linuxMatch11

qt5-qtwebengine qt5-qtwebengineMatch5.15.12-r10cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.12-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20210510-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.15-r3cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20200401-r3cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.14-r5cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.17-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r6cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20200401-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20200401-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.15-r7cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220407-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.15-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r10cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220304-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r7cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20200401-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.15-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r9cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220505-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.14-r6cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220601-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220601-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.14-r7cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.13-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.17-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r8cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.12-r9cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.14-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r13cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.2-r4cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.14-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r3cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.14.1-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.14.1-r3cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.14.2-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.13-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.14-r4cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r12cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220304-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220601-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.14.1-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r4cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.12-r6cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.14-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.12-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.17-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r7cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.12-r8cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.15-r1cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220304-r0cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220121-r2cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20220121-r3cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.11-r9cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.3_git20210510-r1cpp

AND

alpinelinux alpine_linuxMatchedge

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r11cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r8cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r9cpp

AND

qt5-qtwebengine qt5-qtwebengineMatch5.15.16-r10cpp

AND

alpinelinux alpine_linuxMatch3.20

qt6-qtwebengine qt6-qtwebengineMatch6.2.3-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.2-r2cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.3-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.3.0-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.3.1-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.0-r5cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.0-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.3-r5cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.7.2-r2cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.3-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.1-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.2.3-r2cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.7.2-r5cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.2.2-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.0-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.2-r4cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.1-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.1-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.3-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.0-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.2-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.2.4-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.1-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.3.1-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.2-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.3-r2cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.2.3-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.2-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.3-r4cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.2-r5cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.2.3-r3cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.7.2-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.3-r3cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.2-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.2-r2cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.1-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.3.0-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.3.2-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.7.2-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.7.2-r4cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.0-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.0-r2cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.0-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.2.4-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.3-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.5.2-r0cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.4.1-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.6.0-r1cpp

AND

qt6-qtwebengine qt6-qtwebengineMatch6.2.2-r1cpp

AND

alpinelinux alpine_linuxMatchedge

libexpat.so libexpat.soRange0.5.0–1.9.2cpp

Source	Link
github	www.github.com/libexpat/libexpat/issues/887
github	www.github.com/libexpat/libexpat/commit/5c1a31642e243f4870c0bd1f2afc7597976521bf
github	www.github.com/libexpat/libexpat/pull/890
security	www.security.netapp.com/advisory/ntap-20241018-0004/

14 Mar 2025 21:22Current

9.4High risk

Vulners AI Score9.4

CVSS 3.17.5 - 9.8

EPSS0.00613

SSVC