ReportizFlow
Filtered by vendor Libexpat Project
Subscriptions
Filtered by product Libexpat
Subscriptions
Total
41 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66382 | 1 Libexpat Project | 1 Libexpat | 2025-11-28 | 2.9 Low |
| In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time. | ||||
| CVE-2013-0340 | 3 Apple, Libexpat Project, Python | 7 Ipados, Iphone Os, Macos and 4 more | 2025-11-25 | N/A |
| expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE. | ||||
| CVE-2025-59375 | 1 Libexpat Project | 1 Libexpat | 2025-11-05 | 7.5 High |
| libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing. | ||||
| CVE-2024-28757 | 4 Fedoraproject, Libexpat Project, Netapp and 1 more | 23 Fedora, Libexpat, Active Iq Unified Manager and 20 more | 2025-11-05 | 7.5 High |
| libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). | ||||
| CVE-2023-52426 | 1 Libexpat Project | 1 Libexpat | 2025-11-04 | 5.5 Medium |
| libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. | ||||
| CVE-2023-52425 | 2 Libexpat Project, Redhat | 4 Libexpat, Enterprise Linux, Jboss Core Services and 1 more | 2025-11-04 | 7.5 High |
| libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | ||||
| CVE-2024-45492 | 3 Libexpat, Libexpat Project, Redhat | 5 Expat, Libexpat, Enterprise Linux and 2 more | 2025-11-04 | 7.3 High |
| An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | ||||
| CVE-2024-45491 | 3 Libexpat, Libexpat Project, Redhat | 5 Expat, Libexpat, Enterprise Linux and 2 more | 2025-11-04 | 7.3 High |
| An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | ||||
| CVE-2024-45490 | 2 Libexpat Project, Redhat | 5 Libexpat, Enterprise Linux, Jboss Core Services and 2 more | 2025-11-04 | 9.8 Critical |
| An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. | ||||
| CVE-2024-50602 | 4 Debian, Libexpat Project, Netapp and 1 more | 19 Debian Linux, Libexpat, Active Iq Unified Manager and 16 more | 2025-10-15 | 5.9 Medium |
| An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. | ||||
| CVE-2022-43680 | 5 Debian, Fedoraproject, Libexpat Project and 2 more | 24 Debian Linux, Fedora, Libexpat and 21 more | 2025-05-30 | 7.5 High |
| In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. | ||||
| CVE-2022-40674 | 4 Debian, Fedoraproject, Libexpat Project and 1 more | 9 Debian Linux, Fedora, Libexpat and 6 more | 2025-05-30 | 8.1 High |
| libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. | ||||
| CVE-2022-25313 | 6 Debian, Fedoraproject, Libexpat Project and 3 more | 8 Debian Linux, Fedora, Libexpat and 5 more | 2025-05-30 | 6.5 Medium |
| In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. | ||||
| CVE-2019-15903 | 3 Libexpat Project, Python, Redhat | 5 Libexpat, Python, Enterprise Linux and 2 more | 2025-05-30 | 6.5 Medium |
| In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. | ||||
| CVE-2018-20843 | 8 Canonical, Debian, Fedoraproject and 5 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2025-05-30 | 7.5 High |
| In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). | ||||
| CVE-2022-25315 | 6 Debian, Fedoraproject, Libexpat Project and 3 more | 12 Debian Linux, Fedora, Libexpat and 9 more | 2025-05-05 | 9.8 Critical |
| In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | ||||
| CVE-2022-25314 | 6 Debian, Fedoraproject, Libexpat Project and 3 more | 8 Debian Linux, Fedora, Libexpat and 5 more | 2025-05-05 | 7.5 High |
| In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. | ||||
| CVE-2022-25236 | 5 Debian, Libexpat Project, Oracle and 2 more | 11 Debian Linux, Libexpat, Http Server and 8 more | 2025-05-05 | 9.8 Critical |
| xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | ||||
| CVE-2022-25235 | 6 Debian, Fedoraproject, Libexpat Project and 3 more | 12 Debian Linux, Fedora, Libexpat and 9 more | 2025-05-05 | 9.8 Critical |
| xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | ||||
| CVE-2022-23990 | 7 Debian, Fedoraproject, Libexpat Project and 4 more | 8 Debian Linux, Fedora, Libexpat and 5 more | 2025-05-05 | 7.5 High |
| Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | ||||