GHSA-425r-vwq2-26qvMediumCVSS 6.9

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because...

Published
June 19, 2026
Last Modified
June 19, 2026

🔗 CVE IDs covered (1)

📋 Description

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.

🔗 References (3)