Search

Search is not available in local development.
Run npx pagefind --site __site after building to enable it.

Expat_jll

JLSEC-2026-384No summary availableApr 16, 2026 JLSEC-2026-383No summary availableMar 16, 2026 JLSEC-2026-382No summary availableMar 16, 2026 JLSEC-2026-381No summary availableMar 16, 2026 JLSEC-2026-380No summary availableJan 30, 2026 JLSEC-2026-379No summary availableJan 23, 2026 JLSEC-2026-378No summary availableNov 28, 2025 JLSEC-2025-173libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocatio…Sep 15, 2025 JLSEC-2025-65An issue was discovered in libexpat before 2.6.4Oct 27, 2024 JLSEC-2025-64An issue was discovered in libexpat before 2.6.3Aug 30, 2024 JLSEC-2025-63An issue was discovered in libexpat before 2.6.3Aug 30, 2024 JLSEC-2025-62An issue was discovered in libexpat before 2.6.3Aug 30, 2024 JLSEC-2025-61libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use o…Mar 10, 2024 JLSEC-2025-59libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at c…Feb 4, 2024 JLSEC-2025-60libexpat through 2.5.0 allows a denial of service (resource consumption) because many ful…Feb 4, 2024 JLSEC-2025-58In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a…Oct 24, 2022 JLSEC-2025-57libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c.Sep 14, 2022 JLSEC-2025-56In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.Feb 18, 2022 JLSEC-2025-55In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.Feb 18, 2022 JLSEC-2025-54In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_m…Feb 18, 2022 JLSEC-2025-53xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-sepa…Feb 16, 2022 JLSEC-2025-52xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, …Feb 16, 2022 JLSEC-2025-51Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.Jan 26, 2022 JLSEC-2025-50Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for con…Jan 24, 2022 JLSEC-2025-49storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.Jan 10, 2022 JLSEC-2025-48nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overfl…Jan 10, 2022 JLSEC-2025-47lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.Jan 10, 2022 JLSEC-2025-46defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflo…Jan 10, 2022 JLSEC-2025-45build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.Jan 10, 2022 JLSEC-2025-44addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow.Jan 10, 2022 JLSEC-2025-43In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exist…Jan 6, 2022 JLSEC-2025-42In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtt…Jan 1, 2022 JLSEC-2025-41In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD …Sep 4, 2019