Lines Matching refs:CVE
35 #915 CVE-2024-50602 -- Fix crash within function XML_ResumeParser
47 #317 #918 tests: Improve tests on doctype closing (ex CVE-2019-15903)
66 #887 #890 CVE-2024-45490 -- Calling function XML_ParseBuffer with
75 #888 #891 CVE-2024-45491 -- Internal function dtdCopy can have an
80 #889 #892 CVE-2024-45492 -- Internal function nextScaffoldPart can
120 #839 #842 CVE-2024-28757 -- Prevent billion laughs attacks with
168 #789 #814 CVE-2023-52425 -- Fix quadratic runtime issues with big tokens
178 #777 CVE-2023-52426 -- Fix billion laughs attacks for users
181 Expat >=2.4.0 (and that was CVE-2013-0340 back then).
282 #616 #649 #650 CVE-2022-43680 -- Fix heap use-after-free after overeager
316 #629 #640 CVE-2022-40674 -- Heap use-after-free vulnerability in
398 #572 #577 Relax fix to CVE-2022-25236 (introduced with release 2.4.5)
432 #566 Fix a regression introduced by the fix for CVE-2022-25313
452 #562 CVE-2022-25235 -- Passing malformed 2- and 3-byte UTF-8
459 #561 CVE-2022-25236 -- Passing (one or more) namespace separator
467 #558 CVE-2022-25313 -- Fix stack exhaustion in doctype parsing
472 #560 CVE-2022-25314 -- Fix integer overflow in function copyString;
477 #559 CVE-2022-25315 -- Fix integer overflow in function storeRawNames;
495 #550 CVE-2022-23852 -- Fix signed integer overflow
501 #551 CVE-2022-23990 -- Fix unsigned integer overflow in function
527 #531 #534 CVE-2021-45960 -- Fix issues with left shifts by >=29 places
539 #532 #538 CVE-2021-46143 (ZDI-CAN-16157) -- Fix integer overflow
543 #539 CVE-2022-22822 to CVE-2022-22827 -- Prevent integer overflows
545 a dedicated CVE for each involved internal C function:
546 - CVE-2022-22822 for function addBinding
547 - CVE-2022-22823 for function build_model
548 - CVE-2022-22824 for function defineAttribute
549 - CVE-2022-22825 for function lookup
550 - CVE-2022-22826 for function nextScaffoldPart
551 - CVE-2022-22827 for function storeAtts
614 #34 #466 #484 CVE-2013-0340/CWE-776 -- Protect against billion laughs attacks
819 #317 #318 CVE-2019-15903 -- Fix heap overflow triggered by
925 #186 #262 CVE-2018-20843 -- Fix extraction of namespace prefixes from
1081 #82 CVE-2017-11742 -- Windows: Fix DLL hijacking vulnerability
1171 CVE-2017-9233 -- External entity infinite loop DoS
1174 [MOX-002] CVE-2016-9063 -- Detect integer overflow; commit
1177 (SF.net) #539 Fix regression from fix to CVE-2016-0718 cutting off
1193 In a way, that's still part of CVE-2016-5300.
1209 to go further with fixing CVE-2012-0876.
1286 #537 CVE-2016-0718 -- Fix crash on malformed input
1287 CVE-2016-4472 -- Improve insufficient fix to CVE-2015-1283 /
1288 CVE-2015-2716 introduced with Expat 2.1.1
1289 #499 CVE-2016-5300 -- Use more entropy for hash initialization
1290 than the original fix to CVE-2012-0876
1291 #519 CVE-2012-6702 -- Resolve troublesome internal call to srand
1293 when addressing CVE-2012-0876 (issue #496)
1335 #582: CVE-2015-1283 - Multiple integer overflows in XML_GetBuffer
1350 #2958794: CVE-2012-1148 - Memory leak in poolGrow.
1351 #2895533: CVE-2012-1147 - Resource leak in readfilemap.c.
1352 #3496608: CVE-2012-0876 - Hash DOS attack.
1353 #2894085: CVE-2009-3560 - Buffer over-read and crash in big2_toUtf8().
1354 #1990430: CVE-2009-3720 - Parser crash with special UTF-8 sequences.