VYPR

rpm package

suse/expat&distro=SUSE Manager Proxy 4.3

pkg:rpm/suse/expat&distro=SUSE%20Manager%20Proxy%204.3

Vulnerabilities (3)

  • CVE-2024-8176HigMar 14, 2025
    affected < 2.7.1-150400.3.28.1fixed 2.7.1-150400.3.28.1

    A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and c

  • CVE-2024-28757Mar 10, 2024
    affected < 2.4.4-150400.3.17.1fixed 2.4.4-150400.3.17.1

    libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

  • CVE-2023-52425Feb 4, 2024
    affected < 2.4.4-150400.3.17.1fixed 2.4.4-150400.3.17.1

    libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.