Known Vulnerabilities for products from Libexpat Project

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Libexpat Project".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-41080 json libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document. Not Provided 2026-04-16 2026-04-26
CVE-2025-66382 json In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time. Not Provided 2025-11-28 2026-05-12
CVE-2025-59375 json libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is subm... Not Provided 2025-09-15 2026-05-12
CVE-2024-45492 json An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize... Not Provided 2024-08-30 2026-05-12
CVE-2024-45491 json An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-b... Not Provided 2024-08-30 2026-05-12
CVE-2024-45490 json An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. Not Provided 2024-08-30 2026-05-12
CVE-2022-43680 json In libexpat through 2.4.9, there is a use-after free caused by overeager destruction of a shared DTD in XML_ExternalEntityPar... 7.5 - HIGH 2022-10-24 2024-01-21
CVE-2022-40674 json libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. 8.1 - HIGH 2022-09-14 2023-11-07
CVE-2022-25315 json In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. 9.8 - CRITICAL 2022-02-18 2023-11-07
CVE-2022-25314 json In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString. 7.5 - HIGH 2022-02-18 2023-11-07
CVE-2022-25313 json In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via a large nesting depth in th... 6.5 - MEDIUM 2022-02-18 2023-11-07
CVE-2022-25236 json xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs... 9.8 - CRITICAL 2022-02-16 2023-11-07
CVE-2022-25235 json xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 c... 9.8 - CRITICAL 2022-02-16 2023-11-07
CVE-2022-23990 json Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. 7.5 - HIGH 2022-01-26 2023-11-07
CVE-2022-23852 json Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTE... 9.8 - CRITICAL 2022-01-24 2022-10-29
CVE-2022-22827 json storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 8.8 - HIGH 2022-01-10 2022-10-06
CVE-2022-22826 json nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 8.8 - HIGH 2022-01-10 2022-10-06
CVE-2022-22825 json lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 8.8 - HIGH 2022-01-10 2022-10-06
CVE-2022-22824 json defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 9.8 - CRITICAL 2022-01-10 2022-10-06
CVE-2022-22823 json build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. 9.8 - CRITICAL 2022-01-10 2022-10-06
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Libexpat Project

Type Vendor Product Version
ApplicationLibexpat ProjectLibexpat-