pkg:Debian/expat
76 total CVEsCRITICAL15HIGH36MEDIUM11LOW2
✅ Check your installed version
All known vulnerabilities
- from 0, < 2.2.10-2+deb11u6
- from 0, < 2.2.10-2+deb11u6
- CRITICAL9.8CVE-2022-25315In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.from 0, < 2.2.10-2+deb11u2
- CRITICAL9.8CVE-2022-25236xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.from 0, < 2.2.10-2+deb11u2
- from 0, < 2.2.6-2+deb10u3
- from 0, < 2.2.10-2+deb11u2
- from 0, < 2.2.10-2+deb11u1
- from 0, < 2.2.0-2+deb9u5
- CRITICAL9.8CVE-2022-22824defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.from 0, < 2.2.10-2+deb11u1
- CRITICAL9.8CVE-2022-22823build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.from 0, < 2.2.10-2+deb11u1
- CRITICAL9.8CVE-2022-22822addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.from 0, < 2.2.10-2+deb11u1
- from 0, < 2.2.0-2
- from 0, < 2.1.0-1+deb7u3
- from 0, < 2.1.1-2
- from 0, < 2.1.0-6+deb8u2
- HIGH8.8CVE-2022-22827storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.from 0, < 2.2.10-2+deb11u1
- HIGH8.8CVE-2022-22826nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.from 0, < 2.2.10-2+deb11u1
- HIGH8.8CVE-2022-22825lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.from 0, < 2.2.10-2+deb11u1
- from 0, < 2.2.10-2+deb11u1
- from 0, < 2.2.6-2+deb10u2
- from 0, < 2.2.0-2+deb9u4
- from 0, < 2.2.10-2+deb11u4
- from 0, < 2.2.6-2+deb10u5
- from 0, < 2.2.10-2+deb11u4
- HIGH8.1CVE-2016-4472The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denia…from 0, < 2.1.1-2
- HIGH7.8CVE-2026-25210In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow c…from 0
- HIGH7.8CVE-2021-46143In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.from 0, < 2.2.10-2+deb11u1
- HIGH7.5CVE-2026-45186In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized c…from 0
- from 0
- HIGH7.5CVE-2024-8176A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents.from 0
- from 0, < 2.2.10-2+deb11u6
- from 0, < 2.5.0-1+deb12u1
- HIGH7.5CVE-2024-28757libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntity…from 0
- from 0, < 2.2.6-2+deb10u7
- from 0, < 2.2.10-2+deb11u6
- from 0, < 2.2.10-2+deb11u6
- from 0, < 2.2.6-2+deb10u6
- from 0, < 2.2.10-2+deb11u5
- from 0, < 2.2.10-2+deb11u5
- HIGH7.5CVE-2022-25314In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.from 0, < 2.2.10-2+deb11u2
- HIGH7.5CVE-2022-23990Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.from 0, < 2.2.10-2+deb11u1
- from 0, < 2.2.0-2+deb9u3
- from 0, < 2.1.0-6+deb8u6
- from 0, < 2.2.7-2
- from 0, < 2.2.0-2+deb9u2
- from 0, < 2.2.6-2
- from 0, < 2.1.0-6+deb8u5
- from 0, < 2.2.1-1
- from 0, < 2.1.0-6+deb8u4
- from 0, < 2.1.0-1+deb7u5
- HIGH7.5CVE-2016-5300The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial…from 0, < 2.1.1-3
- MEDIUM6.5CVE-2022-25313In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in the DTD element.from 0, < 2.2.10-2+deb11u2
- from 0, < 2.2.10-2+deb11u7
- from 0, < 2.2.10-2+deb11u7
- from 0, < 2.1.1-3
- from 0, < 2.1.0-1+deb7u4
- from 0, < 2.1.0-6+deb8u3
- MEDIUM5.5CVE-2026-32778libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.from 0
- from 0
- MEDIUM5.5CVE-2026-32776libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.from 0
- MEDIUM5.5CVE-2025-66382In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.from 0
- MEDIUM5.5CVE-2023-52426libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.from 0
- LOW2.9CVE-2026-41080libexpat before 2.8.0 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.from 0
- LOW2.5CVE-2026-24515In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.from 0
- from 0, < 2.0.1-7+squeeze2
- from 0, < 2.1.0-7
- from 0, < 2.1.0-1+deb7u2
- —CVE-2013-0340expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler fu…from 0
- —CVE-2012-1148Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of…from 0, < 2.1.0~beta3-1
- from 0, < 2.0.1-7+squeeze1
- from 0, < 2.1.0~beta3-1
- from 0, < 1.95.8-3.4+etch2
- from 0, < 2.0.1-6
- from 0, < 1.95.8-3.4+etch3
- from 0, < 2.0.1-5
- from 0, < 1.95.8-3.4+etch1