CVEs (49)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
5Debian FedoraprojectLibexpat Project+2 more6Debian Linux FedoraHttp Server+3 moreMay 5, 2025 Feb 18, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. |
5Debian FedoraprojectLibexpat Project+2 more6Debian Linux FedoraHttp Server+3 moreMay 30, 2025 Feb 18, 2022 N/A· v4 6.5 MEDIUM· v3 4.3 MEDIUM· v2 In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. |
4Debian Libexpat ProjectOracle+1 more5Debian Linux Http ServerLibexpat+2 moreMay 5, 2025 Feb 16, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. |
5Debian FedoraprojectLibexpat Project+2 more6Debian Linux FedoraHttp Server+3 moreMay 5, 2025 Feb 16, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. |
6Debian FedoraprojectLibexpat Project+3 more6Communications Metasolv Solution Debian LinuxFedora+3 moreMay 5, 2025 Jan 26, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. |
6Debian Libexpat ProjectNetapp+3 more7Clustered Data Ontap Communications Metasolv SolutionDebian Linux+4 moreMay 5, 2025 Jan 24, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. |
4Debian Libexpat ProjectSiemens+1 more4Debian Linux LibexpatNessus+1 moreMay 5, 2025 Jan 10, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. |
4Debian Libexpat ProjectSiemens+1 more4Debian Linux LibexpatNessus+1 moreMay 5, 2025 Jan 10, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. |
4Debian Libexpat ProjectSiemens+1 more4Debian Linux LibexpatNessus+1 moreMay 5, 2025 Jan 10, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. |
4Debian Libexpat ProjectSiemens+1 more4Debian Linux LibexpatNessus+1 moreMay 5, 2025 Jan 10, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. |
4Debian Libexpat ProjectSiemens+1 more4Debian Linux LibexpatNessus+1 moreMay 5, 2025 Jan 10, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. |
4Debian Libexpat ProjectSiemens+1 more4Debian Linux LibexpatNessus+1 moreMay 5, 2025 Jan 10, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. |
4Libexpat Project NetappSiemens+1 more8Active Iq Unified Manager Clustered Data OntapHci Baseboard Management Controller+5 moreMay 5, 2025 Jan 6, 2022 N/A· v4 7.8 HIGH· v3 6.8 MEDIUM· v2 In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. |
5Debian Libexpat ProjectNetapp+2 more8Active Iq Unified Manager Debian LinuxHci Baseboard Management Controller+5 moreMay 5, 2025 Jan 1, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). |
2Libexpat Project Python2Libexpat PythonMay 30, 2025 Sep 4, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted...Show more |
7Canonical DebianFedoraproject+4 more9Debian Linux FedoraHospitality Res 3700+6 moreMay 30, 2025 Jun 24, 2019 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for de...Show more |
The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of a...Show more |
3Debian Libexpat ProjectPython3Debian Linux LibexpatPythonMay 13, 2026 Jul 25, 2017 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD. |
4Canonical Libexpat ProjectMcafee+1 more4Libexpat Policy AuditorPython+1 moreMay 6, 2026 Jun 30, 2016 N/A· v4 8.1 HIGH· v3 6.8 MEDIUM· v2 The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NO...Show more |
4Canonical DebianGoogle+1 more4Android Debian LinuxLibexpat+1 moreMay 6, 2026 Jun 16, 2016 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE:...Show more |