libexpat Project libexpat 2.6.1

CPE Details

libexpat Project libexpat 2.6.1
libexpat_project
libexpat
2.6.1
2024-12-31
17h27 +00:00
2024-12-31
17h27 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:libexpat_project:libexpat:2.6.1:*:*:*:*:*:*:*

Informations

Vendor

libexpat_project

Product

libexpat

Version

2.6.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-45490 2024-08-30 00h00 +00:00 An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
9.8
Critical
CVE-2024-45491 2024-08-29 22h00 +00:00 An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
9.8
Critical
CVE-2024-45492 2024-08-29 22h00 +00:00 An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
9.8
Critical
CVE-2024-28757 2024-03-10 00h00 +00:00 libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
7.5
High