Impact
libexpat is a widely used XML parser library. The vulnerability resides in an integer overflow in the XML_ParseBuffer function, which uses an unchecked length calculation that can grow beyond the bounds of allocated memory. This overflow can corrupt memory, allowing an attacker who supplies crafted XML data to subvert control flow or corrupt state, leading to potential code execution or denial of service. The weakness is categorized as CWE-190, a classic integer overflow flaw.
Affected Systems
All installations of libexpat prior to version 2.8.2 are affected, regardless of operating system or platform. Because the library is embedded in many applications—from web servers to desktop software—any deployment that accepts XML from untrusted sources and uses the vulnerable parser is at risk. The vendor lists the product as "libexpat project:libexpat" with no specific version range given, but the UPDATE notes clarify that versions before 2.8.2 contain the flaw.
Risk and Exploitability
The CVSS score of 6.9 places this vulnerability in the moderate severity range. Exploit confidence is unknown as the EPSS score is not yet available, and the vulnerability is not yet listed in CISA’s KEV catalog. However, the nature of the integer overflow and lack of bounds checking suggest that an attacker who can feed XML data to the parsing routine could gain memory corruption. The attack vector is most likely Remote or Local, depending on whether the target application exposes the parser to external input.
OpenCVE Enrichment