Known Vulnerabilities
CVE-2024-50602
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.
MEDIUM
CVSS 5.9
Published Oct 27, 2024
CVE-2024-45490
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
CRITICAL
CVSS 9.8
Published Aug 30, 2024
CVE-2023-52425
libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.
UNKNOWN
CVSS 7.5
Published Feb 04, 2024