RHSA-2025:22035HighCVSS 7.5
Red Hat Security Advisory: expat security update
🔗 CVE IDs covered (4)
📋 Description
CVE-2013-0340 — expat: internal entity expansion CVE-2023-52425 — expat: parsing large tokens can trigger a denial of service CVE-2024-8176 — libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2025-59375 — firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing
🔗 References (7)
- selfhttps://access.redhat.com/errata/RHSA-2025:22035
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1000109
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2262877
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2310137
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=2395108
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22035.json