CVSS: 7.8EPSS: 9%CPEs: 19EXPL: 1CVE-2018-20843 – expat: large number of colons in input makes parser consume high amount of resources, leading to DoS
https://notcve.org/view.php?id=CVE-2018-20843
24 Jun 2019 — In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). En libexpat en Expat anterior a versión 2.2.7, una entrada XML incluyendo nombres XML que contienen una gran cantidad de "dos puntos", podría hacer que el analizador XML consuma una gran cantidad de recursos de RAM y CPU durante el procesamiento (lo suficiente como ... • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00039.html • CWE-400: Uncontrolled Resource Consumption CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-11742
https://notcve.org/view.php?id=CVE-2017-11742
30 Jul 2017 — The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking. La función writeRandomBytes_RtlGenRandom en el archivo xmlparse.c en libexpat en Expat versiones 2.2.1 y 2.2.2 en Windows, permite a los usuarios locales alcanzar privilegios por medio de una biblioteca de tipo caballo de Troya ADVAPI32.DLL en el d... • http://www.securityfocus.com/bid/100147 • CWE-426: Untrusted Search Path •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 1CVE-2017-9233 – Apple Security Advisory 2017-10-31-8
https://notcve.org/view.php?id=CVE-2017-9233
19 Jul 2017 — XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD. Una vulnerabilidad de XML External Entity (XEE) en libexpat versión 2.2.0 y anteriores (Expat XML Parser Library) permite que los atacantes consigan que el analizador entre en un bucle infinito utilizando una definición de entidad externa mal formada desde una DTD externa. It was discovered that Ex... • http://www.debian.org/security/2017/dsa-3898 • CWE-611: Improper Restriction of XML External Entity Reference CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.1EPSS: 2%CPEs: 8EXPL: 0CVE-2016-4472 – Ubuntu Security Notice USN-7199-1
https://notcve.org/view.php?id=CVE-2016-4472
21 Jun 2016 — The overflow protection in Expat is removed by compilers with certain optimization settings, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via crafted XML data. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1283 and CVE-2015-2716. La protección de desbordamiento en Expat es eliminada por los compiladores con ciertos ajustes de optimización, lo que permite a atacantes remotos provocar una denegación de servicio (caída) o posi... • http://www.securityfocus.com/bid/91528 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 4%CPEs: 11EXPL: 0CVE-2016-5300 – Apple Security Advisory 2017-03-22-2
https://notcve.org/view.php?id=CVE-2016-5300
08 Jun 2016 — The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876. El intérprete XML en Expat no utiliza suficiente entropía para inicialización hash, lo que permite a atacantes dependientes del contexto provocar una denegación de servicio (consumo de CPU) a través de identificadores m... • http://www.debian.org/security/2016/dsa-3597 • CWE-399: Resource Management Errors •
CVSS: 5.9EPSS: 0%CPEs: 11EXPL: 0CVE-2012-6702 – Apple Security Advisory 2017-03-22-2
https://notcve.org/view.php?id=CVE-2012-6702
08 Jun 2016 — Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. Expat, cuando se utiliza en un intérprete que no ha realizado una llamada XML_SetHashSalt o pasado una semilla de 0, facilita a atacantes dependientes del contexto romper mecanismos de protección criptográfica a través de vectores que involucran el uso de la función srand. It w... • http://www.debian.org/security/2016/dsa-3597 • CWE-310: Cryptographic Issues •
CVSS: 9.8EPSS: 1%CPEs: 26EXPL: 1CVE-2016-0718 – expat: Out-of-bounds heap read on crafted input causing crash
https://notcve.org/view.php?id=CVE-2016-0718
18 May 2016 — Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow. Expat permite a atacantes dependientes del contexto provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de un documento de entrada mal formado, lo que desencadena un desbordamiento de buffer. An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker c... • https://packetstorm.news/files/id/141350 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 27EXPL: 0CVE-2015-1283 – chromium-browser: Heap-buffer-overflow in expat.
https://notcve.org/view.php?id=CVE-2015-1283
23 Jul 2015 — Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Múltiples vulnerabilidades de desbordamiento de entero en la función XML_GetBuffer en Expat hasta la versión 2.1.0 implementada en Chrome en versiones anteriores a la 44.0.2403.89 y otros... • http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 1CVE-2013-0340 – Apple Security Advisory 2021-10-26-11
https://notcve.org/view.php?id=CVE-2013-0340
21 Jan 2014 — expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it could be argued that because expat already provides the ability to disable external entity expansion, the responsibility for resolving this issu... • http://openwall.com/lists/oss-security/2013/02/22/3 • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2012-0876 – expat: hash table collisions CPU usage DoS
https://notcve.org/view.php?id=CVE-2012-0876
03 Jul 2012 — The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. El analizador XML (xmlparse.c) en expat antes de v2.1.0 calcula los valores de hash sin restringir la capacidad de desencadenar colisiones hash de forma predecible, lo que permite causar una denegación de servicio (por con... • http://bugs.python.org/issue13703#msg151870 • CWE-400: Uncontrolled Resource Consumption CWE-407: Inefficient Algorithmic Complexity •