VYPR
Unrated severityNVD Advisory· Published Sep 4, 2019· Updated May 30, 2025

CVE-2019-15903

CVE-2019-15903

Description

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

86

Patches

Vulnerability mechanics

References

59

News mentions

0

No linked articles in our index yet.