VDB
JLSEC-2025-41
JLSEC-2025-41
PUBLISHED
CVSS 8.699999809265137 HIGH
In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to ...
Risk Scores
CVSS v4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Julia | Expat_jll | 0, 0 |
Timeline
- Oct 14, 2025 CVE Published
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 CVE Updated
References
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00016.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00017.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00018.html url
- http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00019.html url
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00008.html url
- http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html url
- http://packetstormsecurity.com/files/154503/Slackware-Security-Advisory-expat-Updates.html url
- http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html url
- http://packetstormsecurity.com/files/154947/Slackware-Security-Advisory-mozilla-firefox-Updates.html url
- http://seclists.org/fulldisclosure/2019/Dec/23 url
- http://seclists.org/fulldisclosure/2019/Dec/26 url
- http://seclists.org/fulldisclosure/2019/Dec/27 url
- http://seclists.org/fulldisclosure/2019/Dec/30 url
- https://access.redhat.com/errata/RHSA-2019:3210 url
…and 39 more