GHSA-r396-2q2c-pjhrLowCVSS 2.9

In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows...

Published
May 10, 2026
Last Modified
June 30, 2026

🔗 CVE IDs covered (1)

📋 Description

In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input.

🔗 References (13)