rpm package
opensuse/expat&distro=openSUSE Leap Micro 5.3
pkg:rpm/opensuse/expat&distro=openSUSE%20Leap%20Micro%205.3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-28757 | — | < 2.4.4-150400.3.17.1 | 2.4.4-150400.3.17.1 | Mar 10, 2024 | libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). | ||
| CVE-2023-52425 | — | < 2.4.4-150400.3.17.1 | 2.4.4-150400.3.17.1 | Feb 4, 2024 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. |
- CVE-2024-28757Mar 10, 2024affected < 2.4.4-150400.3.17.1fixed 2.4.4-150400.3.17.1
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
- CVE-2023-52425Feb 4, 2024affected < 2.4.4-150400.3.17.1fixed 2.4.4-150400.3.17.1
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.