rpm package
suse/expat&distro=SUSE Linux Enterprise Server 12 SP5
pkg:rpm/suse/expat&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Vulnerabilities (21)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45492 | Cri | 9.8 | < 2.1.0-21.37.1 | 2.1.0-21.37.1 | Aug 30, 2024 | An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | |
| CVE-2024-45491 | Cri | 9.8 | < 2.1.0-21.37.1 | 2.1.0-21.37.1 | Aug 30, 2024 | An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | |
| CVE-2024-45490 | Hig | 7.5 | < 2.1.0-21.37.1 | 2.1.0-21.37.1 | Aug 30, 2024 | An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. | |
| CVE-2023-52425 | — | < 2.1.0-21.32.1 | 2.1.0-21.32.1 | Feb 4, 2024 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | ||
| CVE-2022-43680 | — | < 2.1.0-21.28.1 | 2.1.0-21.28.1 | Oct 24, 2022 | In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations. | ||
| CVE-2022-40674 | — | < 2.1.0-21.25.1 | 2.1.0-21.25.1 | Sep 14, 2022 | libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. | ||
| CVE-2022-25314 | — | < 2.1.0-21.18.1 | 2.1.0-21.18.1 | Feb 18, 2022 | In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. | ||
| CVE-2022-25315 | — | < 2.1.0-21.18.1 | 2.1.0-21.18.1 | Feb 18, 2022 | In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | ||
| CVE-2022-25313 | — | < 2.1.0-21.18.1 | 2.1.0-21.18.1 | Feb 18, 2022 | In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element. | ||
| CVE-2022-25235 | — | < 2.1.0-21.18.1 | 2.1.0-21.18.1 | Feb 16, 2022 | xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context. | ||
| CVE-2022-25236 | — | < 2.1.0-21.18.1 | 2.1.0-21.18.1 | Feb 16, 2022 | xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs. | ||
| CVE-2022-23990 | — | < 2.1.0-21.15.1 | 2.1.0-21.15.1 | Jan 26, 2022 | Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. | ||
| CVE-2022-23852 | — | < 2.1.0-21.15.1 | 2.1.0-21.15.1 | Jan 24, 2022 | Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES. | ||
| CVE-2022-22822 | — | < 2.1.0-21.12.1 | 2.1.0-21.12.1 | Jan 8, 2022 | addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22823 | — | < 2.1.0-21.12.1 | 2.1.0-21.12.1 | Jan 8, 2022 | build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22824 | — | < 2.1.0-21.12.1 | 2.1.0-21.12.1 | Jan 8, 2022 | defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22825 | — | < 2.1.0-21.12.1 | 2.1.0-21.12.1 | Jan 8, 2022 | lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22826 | — | < 2.1.0-21.12.1 | 2.1.0-21.12.1 | Jan 8, 2022 | nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2022-22827 | — | < 2.1.0-21.12.1 | 2.1.0-21.12.1 | Jan 8, 2022 | storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. | ||
| CVE-2021-46143 | — | < 2.1.0-21.12.1 | 2.1.0-21.12.1 | Jan 6, 2022 | In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. |
- affected < 2.1.0-21.37.1fixed 2.1.0-21.37.1
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
- affected < 2.1.0-21.37.1fixed 2.1.0-21.37.1
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
- affected < 2.1.0-21.37.1fixed 2.1.0-21.37.1
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
- CVE-2023-52425Feb 4, 2024affected < 2.1.0-21.32.1fixed 2.1.0-21.32.1
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
- CVE-2022-43680Oct 24, 2022affected < 2.1.0-21.28.1fixed 2.1.0-21.28.1
In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate in out-of-memory situations.
- CVE-2022-40674Sep 14, 2022affected < 2.1.0-21.25.1fixed 2.1.0-21.25.1
libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.
- CVE-2022-25314Feb 18, 2022affected < 2.1.0-21.18.1fixed 2.1.0-21.18.1
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.
- CVE-2022-25315Feb 18, 2022affected < 2.1.0-21.18.1fixed 2.1.0-21.18.1
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.
- CVE-2022-25313Feb 18, 2022affected < 2.1.0-21.18.1fixed 2.1.0-21.18.1
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.
- CVE-2022-25235Feb 16, 2022affected < 2.1.0-21.18.1fixed 2.1.0-21.18.1
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.
- CVE-2022-25236Feb 16, 2022affected < 2.1.0-21.18.1fixed 2.1.0-21.18.1
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.
- CVE-2022-23990Jan 26, 2022affected < 2.1.0-21.15.1fixed 2.1.0-21.15.1
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
- CVE-2022-23852Jan 24, 2022affected < 2.1.0-21.15.1fixed 2.1.0-21.15.1
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
- CVE-2022-22822Jan 8, 2022affected < 2.1.0-21.12.1fixed 2.1.0-21.12.1
addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22823Jan 8, 2022affected < 2.1.0-21.12.1fixed 2.1.0-21.12.1
build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22824Jan 8, 2022affected < 2.1.0-21.12.1fixed 2.1.0-21.12.1
defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22825Jan 8, 2022affected < 2.1.0-21.12.1fixed 2.1.0-21.12.1
lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22826Jan 8, 2022affected < 2.1.0-21.12.1fixed 2.1.0-21.12.1
nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2022-22827Jan 8, 2022affected < 2.1.0-21.12.1fixed 2.1.0-21.12.1
storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.
- CVE-2021-46143Jan 6, 2022affected < 2.1.0-21.12.1fixed 2.1.0-21.12.1
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
Page 1 of 2