VYPR

rpm package

opensuse/expat&distro=openSUSE Leap Micro 5.4

pkg:rpm/opensuse/expat&distro=openSUSE%20Leap%20Micro%205.4

Vulnerabilities (2)

  • CVE-2024-28757Mar 10, 2024
    affected < 2.4.4-150400.3.17.1fixed 2.4.4-150400.3.17.1

    libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

  • CVE-2023-52425Feb 4, 2024
    affected < 2.4.4-150400.3.17.1fixed 2.4.4-150400.3.17.1

    libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.