Vulnerabilities > Libexpat Project > Libexpat > 2.5.0

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-08-30 | CVE-2024-45490 | XXE vulnerability in Libexpat Project Libexpat | An issue was discovered in libexpat before 2.6.3. | network | low complexity | libexpat-project | CWE-611 | 7.5 |
| 2024-08-30 | CVE-2024-45491 | Integer Overflow or Wraparound vulnerability in Libexpat Project Libexpat | An issue was discovered in libexpat before 2.6.3. | network | low complexity | libexpat-project | CWE-190 | critical 9.8 |
| 2024-08-30 | CVE-2024-45492 | Integer Overflow or Wraparound vulnerability in Libexpat Project Libexpat | An issue was discovered in libexpat before 2.6.3. | network | low complexity | libexpat-project | CWE-190 | critical 9.8 |
| 2024-03-10 | CVE-2024-28757 | XML Entity Expansion vulnerability in multiple products | libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate). | network | low complexity | libexpat-project, fedoraproject, netapp | CWE-776 | 7.5 |
| 2024-02-04 | CVE-2023-52425 | Resource Exhaustion vulnerability in Libexpat Project Libexpat | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | network | low complexity | libexpat-project | CWE-400 | 7.5 |
| 2024-02-04 | CVE-2023-52426 | XML Entity Expansion vulnerability in Libexpat Project Libexpat | libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. | local | low complexity | libexpat-project | CWE-776 | 5.5 |