VYPR

Expat

by Libexpat Project

Source repositories

CVEs (14)

  • CVE-2016-0718CriMay 26, 2016
    risk 0.65cvss 9.8epss 0.13

    Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.

  • CVE-2016-5300HigJun 16, 2016
    risk 0.49cvss 7.5epss 0.07

    The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for…

  • CVE-2012-6702MedJun 16, 2016
    risk 0.39cvss 5.9epss 0.02

    Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function.

  • CVE-2015-1283Jul 23, 2015
    risk 0.02cvss epss 0.19

    Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via…

  • CVE-2009-3560Dec 4, 2009
    risk 0.02cvss epss 0.24

    The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read,…

  • CVE-2019-15903Sep 4, 2019
    risk 0.01cvss epss 0.07

    In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

  • CVE-2018-20843Jun 24, 2019
    risk 0.01cvss epss 0.07

    In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

  • CVE-2022-40674Sep 14, 2022
    risk 0.00cvss epss 0.02

    libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.

  • CVE-2022-25315Feb 18, 2022
    risk 0.00cvss epss 0.05

    In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.

  • CVE-2022-25313Feb 18, 2022
    risk 0.00cvss epss 0.03

    In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.

  • CVE-2022-23990Jan 26, 2022
    risk 0.00cvss epss 0.04

    Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.

  • CVE-2022-23852Jan 24, 2022
    risk 0.00cvss epss 0.05

    Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.

  • CVE-2022-22823Jan 8, 2022
    risk 0.00cvss epss 0.03

    build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.

  • CVE-2022-22825Jan 8, 2022
    risk 0.00cvss epss 0.03

    lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.