expat vulnerabilities

Known vulnerabilities in the expat package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
L CVE-2024-50602	*
H XML External Entity (XXE) Injection	<2.2.10-2+deb11u6
C Integer Overflow or Wraparound	<2.2.10-2+deb11u6
C Integer Overflow or Wraparound	<2.2.10-2+deb11u6
L CVE-2024-28757	*
H Resource Exhaustion	<2.2.10-2+deb11u6
L Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	*
H Use After Free	<2.2.10-2+deb11u5
H Use After Free	<2.2.10-2+deb11u4
H Integer Overflow or Wraparound	<2.2.10-2+deb11u2
C Integer Overflow or Wraparound	<2.2.10-2+deb11u2
M Uncontrolled Recursion	<2.2.10-2+deb11u2
C Improper Encoding or Escaping of Output	<2.2.10-2+deb11u2
C Exposure of Resource to Wrong Sphere	<2.2.10-2+deb11u2
H Integer Overflow or Wraparound	<2.2.10-2+deb11u1
C Integer Overflow or Wraparound	<2.2.10-2+deb11u1
H Integer Overflow or Wraparound	<2.2.10-2+deb11u1
C Integer Overflow or Wraparound	<2.2.10-2+deb11u1
H Integer Overflow or Wraparound	<2.2.10-2+deb11u1
H Integer Overflow or Wraparound	<2.2.10-2+deb11u1
C Integer Overflow or Wraparound	<2.2.10-2+deb11u1
C Integer Overflow or Wraparound	<2.2.10-2+deb11u1
H Integer Overflow or Wraparound	<2.2.10-2+deb11u1
H Incorrect Calculation	<2.2.10-2+deb11u1
H Out-of-bounds Read	<2.2.7-2
H XML External Entity (XXE) Injection	<2.2.6-2
C Integer Overflow or Wraparound	<2.2.0-2
H XML External Entity (XXE) Injection	<2.2.1-1
H Out-of-Bounds	<2.1.1-2
M Cryptographic Issues	<2.1.1-3
H Resource Management Errors	<2.1.1-3
C Out-of-Bounds	<2.1.1-2
M Numeric Errors	<2.1.0-7
L XML External Entity (XXE) Injection	*
M Resource Management Errors	<2.1.0~beta3-1
M Resource Management Errors	<2.1.0~beta3-1
L Out-of-Bounds	<2.0.1-6
L CVE-2009-3720	<2.0.1-5

Vulnerability

Vulnerable Version

CVE-2024-50602