Filtered by vendor Libexpat Project Subscriptions
Total 38 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-46143 5 Libexpat Project, Netapp, Redhat and 2 more 10 Libexpat, Active Iq Unified Manager, Clustered Data Ontap and 7 more 2024-08-04 8.1 High
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
CVE-2021-45960 6 Debian, Libexpat Project, Netapp and 3 more 10 Debian Linux, Libexpat, Active Iq Unified Manager and 7 more 2024-08-04 8.8 High
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
CVE-2022-43680 5 Debian, Fedoraproject, Libexpat Project and 2 more 24 Debian Linux, Fedora, Libexpat and 21 more 2024-08-03 7.5 High
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
CVE-2022-40674 4 Debian, Fedoraproject, Libexpat Project and 1 more 9 Debian Linux, Fedora, Libexpat and 6 more 2024-08-03 8.1 High
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
CVE-2022-25315 6 Debian, Fedoraproject, Libexpat Project and 3 more 12 Debian Linux, Fedora, Libexpat and 9 more 2024-08-03 9.8 Critical
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
CVE-2022-25314 6 Debian, Fedoraproject, Libexpat Project and 3 more 8 Debian Linux, Fedora, Libexpat and 5 more 2024-08-03 7.5 High
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
CVE-2022-25313 6 Debian, Fedoraproject, Libexpat Project and 3 more 8 Debian Linux, Fedora, Libexpat and 5 more 2024-08-03 6.5 Medium
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
CVE-2022-25236 5 Debian, Libexpat Project, Oracle and 2 more 11 Debian Linux, Libexpat, Http Server and 8 more 2024-08-03 9.8 Critical
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
CVE-2022-25235 6 Debian, Fedoraproject, Libexpat Project and 3 more 12 Debian Linux, Fedora, Libexpat and 9 more 2024-08-03 9.8 Critical
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
CVE-2022-23990 7 Debian, Fedoraproject, Libexpat Project and 4 more 8 Debian Linux, Fedora, Libexpat and 5 more 2024-08-03 7.5 High
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
CVE-2022-23852 7 Debian, Libexpat Project, Netapp and 4 more 10 Debian Linux, Libexpat, Clustered Data Ontap and 7 more 2024-08-03 9.8 Critical
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2022-22825 5 Debian, Libexpat Project, Redhat and 2 more 6 Debian Linux, Libexpat, Enterprise Linux and 3 more 2024-08-03 8.8 High
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22827 5 Debian, Libexpat Project, Redhat and 2 more 6 Debian Linux, Libexpat, Enterprise Linux and 3 more 2024-08-03 8.8 High
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22824 5 Debian, Libexpat Project, Redhat and 2 more 6 Debian Linux, Libexpat, Enterprise Linux and 3 more 2024-08-03 9.8 Critical
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22826 5 Debian, Libexpat Project, Redhat and 2 more 6 Debian Linux, Libexpat, Enterprise Linux and 3 more 2024-08-03 8.8 High
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22823 5 Debian, Libexpat Project, Redhat and 2 more 6 Debian Linux, Libexpat, Enterprise Linux and 3 more 2024-08-03 9.8 Critical
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2022-22822 5 Debian, Libexpat Project, Redhat and 2 more 6 Debian Linux, Libexpat, Enterprise Linux and 3 more 2024-08-03 9.8 Critical
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
CVE-2023-52426 1 Libexpat Project 1 Libexpat 2024-08-02 5.5 Medium
libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.