Vulnerabilities (CVE)

Filtered by vendor Libexpat Project Subscribe
Total 29 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40674 2 Debian, Libexpat Project 2 Debian Linux, Libexpat 2022-09-29 N/A 9.8 CRITICAL
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
CVE-2022-22822 3 Libexpat Project, Siemens, Tenable 3 Libexpat, Sinema Remote Connect Server, Nessus 2022-09-29 7.5 HIGH 9.8 CRITICAL
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2021-46143 3 Libexpat Project, Netapp, Tenable 5 Libexpat, Clustered Data Ontap, Oncommand Workflow Automation and 2 more 2022-09-29 6.8 MEDIUM 7.8 HIGH
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
CVE-2022-22827 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2022-09-29 6.8 MEDIUM 8.8 HIGH
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22825 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2022-09-29 6.8 MEDIUM 8.8 HIGH
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-23852 5 Debian, Libexpat Project, Netapp and 2 more 6 Debian Linux, Libexpat, Clustered Data Ontap and 3 more 2022-09-29 7.5 HIGH 9.8 CRITICAL
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2022-25235 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-09-29 7.5 HIGH 9.8 CRITICAL
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
CVE-2022-25236 3 Debian, Libexpat Project, Oracle 4 Debian Linux, Libexpat, Http Server and 1 more 2022-09-29 7.5 HIGH 9.8 CRITICAL
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
CVE-2022-25313 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-09-29 4.3 MEDIUM 6.5 MEDIUM
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
CVE-2022-25315 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-09-29 7.5 HIGH 9.8 CRITICAL
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVE-2022-22826 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2022-09-29 6.8 MEDIUM 8.8 HIGH
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22824 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2022-09-29 7.5 HIGH 9.8 CRITICAL
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22823 4 Debian, Libexpat Project, Siemens and 1 more 4 Debian Linux, Libexpat, Sinema Remote Connect Server and 1 more 2022-09-29 7.5 HIGH 9.8 CRITICAL
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-25314 4 Debian, Fedoraproject, Libexpat Project and 1 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-09-29 5.0 MEDIUM 7.5 HIGH
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
CVE-2021-45960 4 Debian, Libexpat Project, Netapp and 1 more 7 Debian Linux, Libexpat, Active Iq Unified Manager and 4 more 2022-09-29 9.0 HIGH 8.8 HIGH
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
CVE-2022-23990 5 Debian, Fedoraproject, Libexpat Project and 2 more 5 Debian Linux, Fedora, Libexpat and 2 more 2022-09-29 7.5 HIGH 9.8 CRITICAL
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVE-2012-0876 6 Canonical, Debian, Libexpat Project and 3 more 11 Ubuntu Linux, Debian Linux, Libexpat and 8 more 2022-08-05 4.3 MEDIUM N/A
The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value.
CVE-2017-9233 3 Debian, Libexpat Project, Python 3 Debian Linux, Libexpat, Python 2022-07-28 5.0 MEDIUM 7.5 HIGH
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
CVE-2019-15903 2 Libexpat Project, Python 2 Libexpat, Python 2022-07-28 5.0 MEDIUM 7.5 HIGH
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
CVE-2013-0340 3 Apple, Libexpat Project, Python 7 Ipad Os, Iphone Os, Macos and 4 more 2022-07-05 6.8 MEDIUM N/A
expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issue lies with application developers; according to this argument, this entry should be REJECTed, and each affected application would need its own CVE.