Debian Expat vulnerabilities

CVE-2015-1283 [MEDIUM] CVE-2015-1283: expat - Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0,... Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716. Scope: local bookworm: resolved (fixed in 2.1

CVE-2013-0340 [MEDIUM] CVE-2013-0340: expat - expat before version 2.4.0 does not properly handle entities expansion unless an... expat before version 2.4.0 does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption), send HTTP requests to intranet servers, or read arbitrary files via a crafted XML document, aka an XML External Entity (XXE) issue. NOTE: it

CVE-2012-1148 [MEDIUM] CVE-2012-1148: expat - Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1... Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities. Scope: local bookworm: resolved (fixed in 2.1.0~beta3-1) bullseye: resolved (fixed in

CVE-2012-0876 [MEDIUM] CVE-2012-0876: expat - The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without r... The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via an XML file with many identifiers with the same value. Scope: local bookworm: resolved (fixed in 2.1.0~beta3-1) bullseye: resolved (fix

CVE-2012-6702 [MEDIUM] CVE-2012-6702: expat - Expat, when used in a parser that has not called XML_SetHashSalt or passed it a ... Expat, when used in a parser that has not called XML_SetHashSalt or passed it a seed of 0, makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via vectors involving use of the srand function. Scope: local bookworm: resolved (fixed in 2.1.1-3) bullseye: resolved (fixed in 2.1.1-3) forky: resolved (fixed in 2.1.1-3) sid: resolve

CVE-2012-1147 [MEDIUM] CVE-2012-1147: expat - readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause ... readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files. Scope: local bookworm: resolved bullseye: resolved forky: resolved sid: resolved trixie: resolved

CVE-2009-3720 [MEDIUM] CVE-2009-3720: audacity - The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as ... The updatePosition function in lib/xmltok_impl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with crafted UTF-8 sequences that trigger a buffer over-read, a different vulnerability than CVE-2009-2625. Scope: local bookwor

CVE-2009-3560 [MEDIUM] CVE-2009-3560: audacity - The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in ... The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than CVE-20