Vulnerabilities > Libexpat Project > Libexpat > 2.2.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-24 | CVE-2018-20843 | XXE vulnerability in multiple products In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks). network low complexity libexpat-project canonical debian fedoraproject opensuse oracle tenable CWE-611 | 7.5 |
2017-07-30 | CVE-2017-11742 | Untrusted Search Path vulnerability in Libexpat Project Libexpat 2.2.1/2.2.2 The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking. | 4.6 |