VYPR

apk package

wolfi/expat-doc

pkg:apk/wolfi/expat-doc

Vulnerabilities (5)

  • CVE-2026-56409Jun 21, 2026
    affected < 2.8.2-r0fixed 2.8.2-r0

    xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used.

  • CVE-2026-56406Jun 21, 2026
    affected < 2.8.2-r0fixed 2.8.2-r0

    libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.

  • CVE-2026-56403Jun 21, 2026
    affected < 2.8.2-r0fixed 2.8.2-r0

    libexpat before 2.8.2 has an integer overflow in storeAtts.

  • CVE-2022-43680Oct 24, 2022
    affected < 0fixed 0

    In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.

  • CVE-2022-40674Sep 14, 2022
    affected < 0fixed 0

    libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.