Debian/expat — 77 CVEs · VulnScope

pkg:Debian/expat

77 total CVEsCRITICAL15HIGH36MEDIUM12LOW2

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2024-45492An issue was discovered in libexpat before 2.6.3.
from 0, < 2.2.10-2+deb11u6
CRITICAL9.8CVE-2024-45491An issue was discovered in libexpat before 2.6.3.
from 0, < 2.2.10-2+deb11u6
CRITICAL9.8In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
from 0, < 2.2.10-2+deb11u2
CRITICAL9.8xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
from 0, < 2.2.10-2+deb11u2
CRITICAL9.8expat - security update
from 0, < 2.2.6-2+deb10u3
CRITICAL9.8expat - security update
from 0, < 2.2.10-2+deb11u2
CRITICAL9.8expat - security update
from 0, < 2.2.10-2+deb11u1
CRITICAL9.8expat - security update
from 0, < 2.2.0-2+deb9u5
CRITICAL9.8defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
from 0, < 2.2.10-2+deb11u1
CRITICAL9.8build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
from 0, < 2.2.10-2+deb11u1
CRITICAL9.8addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
from 0, < 2.2.10-2+deb11u1
CRITICAL9.8An integer overflow during the parsing of XML using the Expat library.
from 0, < 2.2.0-2
CRITICAL9.8expat - security update
from 0, < 2.1.0-1+deb7u3
CRITICAL9.8expat - security update
from 0, < 2.1.1-2
CRITICAL9.8expat - security update
from 0, < 2.1.0-6+deb8u2
HIGH8.8storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
from 0, < 2.2.10-2+deb11u1
HIGH8.8nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
from 0, < 2.2.10-2+deb11u1
HIGH8.8lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
from 0, < 2.2.10-2+deb11u1
HIGH8.8expat - security update
from 0, < 2.2.10-2+deb11u1
HIGH8.8expat - security update
from 0, < 2.2.6-2+deb10u2
HIGH8.8expat - security update
from 0, < 2.2.0-2+deb9u4
HIGH8.1expat - security update
from 0, < 2.2.10-2+deb11u4
HIGH8.1expat - security update
from 0, < 2.2.6-2+deb10u5
HIGH8.1expat - security update
from 0, < 2.2.10-2+deb11u4
HIGH8.1The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denia…
from 0, < 2.1.1-2
HIGH7.8In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow c…
from 0
HIGH7.8In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
from 0, < 2.2.10-2+deb11u1
HIGH7.5In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized c…
from 0
HIGH7.5thunderbird - security update
from 0
HIGH7.5A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents.
from 0
HIGH7.5expat - security update
from 0, < 2.2.10-2+deb11u6
HIGH7.5expat - security update
from 0, < 2.5.0-1+deb12u1
HIGH7.5libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntity…
from 0
HIGH7.5expat - security update
from 0, < 2.2.10-2+deb11u6
HIGH7.5expat - security update
from 0, < 2.2.10-2+deb11u6
HIGH7.5expat - security update
from 0, < 2.2.6-2+deb10u7
HIGH7.5expat - security update
from 0, < 2.2.10-2+deb11u5
HIGH7.5expat - security update
from 0, < 2.2.6-2+deb10u6
HIGH7.5expat - security update
from 0, < 2.2.10-2+deb11u5
HIGH7.5In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
from 0, < 2.2.10-2+deb11u2
HIGH7.5Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
from 0, < 2.2.10-2+deb11u1
HIGH7.5expat - security update
from 0, < 2.2.7-2
HIGH7.5expat - security update
from 0, < 2.1.0-6+deb8u6
HIGH7.5expat - security update
from 0, < 2.2.0-2+deb9u3
HIGH7.5expat - security update
from 0, < 2.2.0-2+deb9u2
HIGH7.5expat - security update
from 0, < 2.2.6-2
HIGH7.5expat - security update
from 0, < 2.1.0-6+deb8u5
HIGH7.5expat - security update
from 0, < 2.2.1-1
HIGH7.5expat - security update
from 0, < 2.1.0-6+deb8u4
HIGH7.5expat - security update
from 0, < 2.1.0-1+deb7u5
HIGH7.5The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial…
from 0, < 2.1.1-3
MEDIUM6.5In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
from 0, < 2.2.10-2+deb11u2
MEDIUM5.9libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_GetBuffer, XML_Parse, XML_ParseBuffer, XML_ParserFree, or XML_Pars…
from 0
MEDIUM5.9expat - security update
from 0, < 2.2.10-2+deb11u7
MEDIUM5.9expat - security update
from 0, < 2.2.10-2+deb11u7
MEDIUM5.9expat - security update
from 0, < 2.1.0-1+deb7u4
MEDIUM5.9expat - security update
from 0, < 2.1.1-3
MEDIUM5.9expat - security update
from 0, < 2.1.0-6+deb8u3
MEDIUM5.5libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
from 0
MEDIUM5.5libexpat before 2.7.5 allows an infinite loop while parsing DTD content.
from 0
MEDIUM5.5libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.
from 0
MEDIUM5.5In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
from 0
MEDIUM5.5libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.
from 0
LOW2.9libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
from 0
LOW2.5In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.
from 0
—expat - security update
from 0, < 2.1.0-1+deb7u2
—expat - security update
from 0, < 2.0.1-7+squeeze2
—expat - security update
from 0, < 2.1.0-7
—expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler fu…
from 0
—Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of…
from 0, < 2.1.0~beta3-1
—expat - several
from 0, < 2.0.1-7+squeeze1
—expat - several
from 0, < 2.1.0~beta3-1
—expat - regression fix
from 0, < 2.0.1-6
—expat - regression fix
from 0, < 1.95.8-3.4+etch2
—expat - regression fix
from 0, < 1.95.8-3.4+etch3
—expat - denial of service
from 0, < 2.0.1-5
—expat - denial of service
from 0, < 1.95.8-3.4+etch1