Lucene search
Veracode Vulnerability DatabaseVERACODE:5020HistorySep 07, 2017 - 2:02 a.m.
Denial Of Service (DoS) Through Integer Overflow
2017-09-0702:02:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
0.01 Low
EPSS
Percentile
83.3%
expat is vulnerable to integer overflows. A malicious user can set XML_CONTEXT_BYTES to be undefined to cause an integer overflow, crashing the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| expat | eq | 2.1 | |
| expat:stretch | eq | 2.2.0-2+deb9u3 | |
| expat | eq | 2.1 | |
| expat:stretch | eq | 2.2.0-2+deb9u3 |
References
www.securityfocus.com/bid/94337
www.securitytracker.com/id/1037298
www.securitytracker.com/id/1039427
bugzilla.mozilla.org/show_bug.cgi?id=1274777
bugzilla.suse.com/show_bug.cgi?id=1047240
github.com/libexpat/libexpat/commit/d4f735b88d9932bd5039df2335eefdd0723dbe20
www.debian.org/security/2017/dsa-3898
www.mozilla.org/security/advisories/mfsa2016-89/
Related
cvelist
cvelist
CVE-2016-9063
2018-06-11 21:00:00
ubuntucve
ubuntucve
CVE-2016-9063
2016-11-17 00:00:00
debiancve
debiancve
CVE-2016-9063
2018-06-11 21:29:00
cve
cve
CVE-2016-9063
2018-06-11 21:29:00
nvd
nvd
CVE-2016-9063
2018-06-11 21:29:00
prion
prion
Integer overflow
2018-06-11 21:29:00
redhatcve
redhatcve
CVE-2016-9063
2016-11-18 15:48:08
osv
osv
CVE-2016-9063
2018-06-11 21:29:00
Expat 2.2.1
2018-06-11 21:00:00
nessus
nessus
Fedora 25 : expat (2017-2c5635cd97)
2017-07-13 00:00:00
SUSE SLED12 / SLES12 Security Update : expat (SUSE-SU-2017:2299-1)
2017-08-31 00:00:00
EulerOS Virtualization for ARM 64 3.0.2.0 : expat (EulerOS-SA-2020-1217)
2020-03-13 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2020-1217)
2020-03-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:2375-1)
2021-06-09 00:00:00
Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2019-2145)
2020-01-23 00:00:00
freebsd
freebsd
expat -- multiple vulnerabilities
2016-10-27 00:00:00
Python 2.7 -- multiple vulnerabilities
2017-08-26 00:00:00
python 2.7 -- multiple vulnerabilities
2018-05-01 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: expat-2.2.1-1.fc26
2017-07-14 13:26:21
[SECURITY] Fedora 25 Update: expat-2.2.1-1.fc25
2017-07-12 03:29:46
[SECURITY] Fedora 24 Update: expat-2.2.1-1.fc24
2017-07-12 01:56:31
ibm
ibm
debian
debian
[SECURITY] [DSA 3898-1] expat security update
2017-06-25 13:32:58
[SECURITY] [DSA 3898-1] expat security update
2017-06-25 13:32:58
archlinux
archlinux
[ASA-201707-27] lib32-expat: denial of service
2017-07-26 00:00:00
[ASA-201706-32] expat: denial of service
2017-06-26 00:00:00
[ASA-201611-16] firefox: multiple issues
2016-11-16 00:00:00
mageia
mageia
Updated expat packages fix security vulnerabilities
2017-07-23 22:58:56
Updated iceape packages fix security vulnerabilities
2017-09-02 00:10:29
f5
f5
slackware
slackware
[slackware-security] python
2017-09-23 06:33:04
[slackware-security] python
2018-05-04 20:53:50
suse
suse
Security update for MozillaFirefox, mozilla-nss (important)
2016-11-18 17:06:44
Security update for CaaS Platform 1.0 images (important)
2017-09-14 21:11:54
Security update for Mozilla Firefox, Thunderbird and NSS (important)
2016-12-05 19:07:18
ubuntu
ubuntu
Firefox vulnerabilities
2016-11-19 00:00:00
kaspersky
kaspersky
KLA11272 Multiple vulnerabilities in Mozilla Firefox
2016-11-15 00:00:00
mozilla
mozilla
Security vulnerabilities fixed in Firefox 50 — Mozilla
2016-11-15 00:00:00
apple
apple
About the security content of watchOS 4 - Apple Support
2019-04-03 09:47:52
About the security content of watchOS 4
2017-09-19 00:00:00
About the security content of tvOS 11
2017-09-19 00:00:00