VDB
CISA-2018-20843
CISA-2018-20843
PUBLISHED
CVSS 7.5 HIGH
Reported by mitre · Published June 24, 2019
In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | *, * |
Timeline
- Jun 24, 2019 CVE Published
- May 30, 2025 CVE Updated
- Apr 26, 2026 Distribution Patch
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
- Apr 26, 2026 Security Advisory
References
- USN-4040-1 vendor-advisoryx_refsource_UBUNTU
- USN-4040-2 vendor-advisoryx_refsource_UBUNTU
- DSA-4472 vendor-advisoryx_refsource_DEBIAN
- 20190628 [SECURITY] [DSA 4472-1] expat security update mailing-listx_refsource_BUGTRAQ
- [debian-lts-announce] 20190629 [SECURITY] [DLA 1839-1] expat security update mailing-listx_refsource_MLIST
- FEDORA-2019-18868e1715 vendor-advisoryx_refsource_FEDORA
- FEDORA-2019-139fcda84d vendor-advisoryx_refsource_FEDORA
- openSUSE-SU-2019:1777 vendor-advisoryx_refsource_SUSE
- GLSA-201911-08 vendor-advisoryx_refsource_GENTOO
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_CONFIRM
- x_refsource_CONFIRM
- x_refsource_MISC
- x_refsource_MISC
…and 1 more