Integer Overflow or Wraparound Affecting expat Open this link in a new tab package, versions >=0.0.0
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
2 Oct 2019
13 Apr 2017
How to fix?
There is no fixed version for
expat is a XML parser library written in C.
Affected versions of this package are vulnerable to Integer Overflow or Wraparound expat is vulnerable to integer overflows. A malicious user can set
XML_CONTEXT_BYTES to be undefined to cause an integer overflow, crashing the application.