rpm package
opensuse/expat&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/expat&distro=openSUSE%20Tumbleweed
Vulnerabilities (49)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-25313 | — | < 2.4.6-1.1 | 2.4.6-1.1 | Feb 18, 2022 | In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. | ||
| CVE-2022-25235 | — | < 2.4.6-1.1 | 2.4.6-1.1 | Feb 16, 2022 | xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | ||
| CVE-2022-25236 | — | < 2.4.6-1.1 | 2.4.6-1.1 | Feb 16, 2022 | xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | ||
| CVE-2022-23990 | — | < 2.4.4-1.1 | 2.4.4-1.1 | Jan 26, 2022 | Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | ||
| CVE-2022-23852 | — | < 2.4.4-1.1 | 2.4.4-1.1 | Jan 24, 2022 | Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. | ||
| CVE-2022-22822 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 8, 2022 | addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22823 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 8, 2022 | build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22824 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 8, 2022 | defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22825 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 8, 2022 | lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22826 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 8, 2022 | nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22827 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 8, 2022 | storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2021-46143 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 6, 2022 | In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. | ||
| CVE-2021-45960 | — | < 2.4.3-1.1 | 2.4.3-1.1 | Jan 1, 2022 | In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). | ||
| CVE-2019-15903 | — | < 2.4.1-1.2 | 2.4.1-1.2 | Sep 4, 2019 | In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read. | ||
| CVE-2018-20843 | — | < 2.4.1-1.2 | 2.4.1-1.2 | Jun 24, 2019 | In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). | ||
| CVE-2016-9063 | Cri | 9.8 | < 2.4.1-1.2 | 2.4.1-1.2 | Jun 11, 2018 | An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50. | |
| CVE-2017-9233 | Hig | 7.5 | < 2.4.1-1.2 | 2.4.1-1.2 | Jul 25, 2017 | XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD. | |
| CVE-2016-4472 | Hig | 8.1 | < 2.2.0-3.1 | 2.2.0-3.1 | Jun 30, 2016 | The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix f | |
| CVE-2016-5300 | Hig | 7.5 | < 2.2.0-3.1 | 2.2.0-3.1 | Jun 16, 2016 | The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for C | |
| CVE-2012-6702 | Med | 5.9 | < 2.2.0-3.1 | 2.2.0-3.1 | Jun 16, 2016 | Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. |
- CVE-2022-25313Feb 18, 2022affected < 2.4.6-1.1fixed 2.4.6-1.1
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
- CVE-2022-25235Feb 16, 2022affected < 2.4.6-1.1fixed 2.4.6-1.1
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
- CVE-2022-25236Feb 16, 2022affected < 2.4.6-1.1fixed 2.4.6-1.1
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
- CVE-2022-23990Jan 26, 2022affected < 2.4.4-1.1fixed 2.4.4-1.1
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
- CVE-2022-23852Jan 24, 2022affected < 2.4.4-1.1fixed 2.4.4-1.1
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
- CVE-2022-22822Jan 8, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22823Jan 8, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22824Jan 8, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22825Jan 8, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22826Jan 8, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22827Jan 8, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2021-46143Jan 6, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
- CVE-2021-45960Jan 1, 2022affected < 2.4.3-1.1fixed 2.4.3-1.1
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
- CVE-2019-15903Sep 4, 2019affected < 2.4.1-1.2fixed 2.4.1-1.2
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.
- CVE-2018-20843Jun 24, 2019affected < 2.4.1-1.2fixed 2.4.1-1.2
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
- affected < 2.4.1-1.2fixed 2.4.1-1.2
An integer overflow during the parsing of XML using the Expat library. This vulnerability affects Firefox < 50.
- affected < 2.4.1-1.2fixed 2.4.1-1.2
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.
- affected < 2.2.0-3.1fixed 2.2.0-3.1
The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix f
- affected < 2.2.0-3.1fixed 2.2.0-3.1
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for C
- affected < 2.2.0-3.1fixed 2.2.0-3.1
Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.
Page 2 of 3