VulnerableCode Package Details - pkg:deb/debian/expat@2.7.1-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/expat@2.7.1-2

Essentials
History (24)

purl	pkg:deb/debian/expat@2.7.1-2

Next non-vulnerable version	2.7.5-1
Latest non-vulnerable version	2.7.5-1
Risk	4.0

Vulnerabilities affecting this package (6)

Vulnerability	Summary	Fixed by
VCID-77y6-jskt-qucb Aliases: CVE-2025-59375	libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.	2.7.5-1 Affected by 0 other vulnerabilities.
VCID-jqe4-44gw-wbhu Aliases: CVE-2026-32777	libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing	2.7.5-1 Affected by 0 other vulnerabilities.
VCID-nktd-7gph-kkb1 Aliases: CVE-2026-32778	libexpat: libexpat: Denial of Service via NULL pointer dereference after out-of-memory condition	2.7.5-1 Affected by 0 other vulnerabilities.
VCID-utz3-ytaf-cbht Aliases: CVE-2026-25210	libexpat: libexpat: Information disclosure and data integrity issues due to integer overflow in buffer reallocation	2.7.5-1 Affected by 0 other vulnerabilities.
VCID-v41j-xj8s-m7ar Aliases: CVE-2026-32776	libexpat: libexpat: Denial of Service due to NULL pointer dereference	2.7.5-1 Affected by 0 other vulnerabilities.
VCID-yw8s-ezc7-6ub8 Aliases: CVE-2026-24515	libexpat: libexpat null pointer dereference	2.7.5-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-qmx9-wkj4-67h3	expat: recursive XML entity expansion vulnerability	CVE-2023-52426
VCID-u5pr-wheu-h7c6	expat: XML Entity Expansion	CVE-2024-28757

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:02:55.912836+00:00	Debian Importer	Fixing	VCID-u5pr-wheu-h7c6	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:58:13.191787+00:00	Debian Importer	Affected by	VCID-jqe4-44gw-wbhu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:24:57.296619+00:00	Debian Importer	Fixing	VCID-qmx9-wkj4-67h3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:36:00.507364+00:00	Debian Importer	Affected by	VCID-nktd-7gph-kkb1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:30:38.542405+00:00	Debian Importer	Affected by	VCID-v41j-xj8s-m7ar	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:06:02.236974+00:00	Debian Importer	Affected by	VCID-77y6-jskt-qucb	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:57:40.871749+00:00	Debian Importer	Affected by	VCID-yw8s-ezc7-6ub8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:06:03.818206+00:00	Debian Importer	Affected by	VCID-utz3-ytaf-cbht	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:58:11.066573+00:00	Debian Importer	Fixing	VCID-u5pr-wheu-h7c6	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:54:35.439325+00:00	Debian Importer	Affected by	VCID-jqe4-44gw-wbhu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:29:52.402340+00:00	Debian Importer	Fixing	VCID-qmx9-wkj4-67h3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:54:29.389045+00:00	Debian Importer	Affected by	VCID-nktd-7gph-kkb1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:50:43.026022+00:00	Debian Importer	Affected by	VCID-v41j-xj8s-m7ar	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:32:22.135606+00:00	Debian Importer	Affected by	VCID-77y6-jskt-qucb	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:40:19.828931+00:00	Debian Importer	Affected by	VCID-yw8s-ezc7-6ub8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:05:51.527955+00:00	Debian Importer	Affected by	VCID-utz3-ytaf-cbht	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-02T17:17:08.968107+00:00	Debian Importer	Fixing	VCID-u5pr-wheu-h7c6	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:16:48.675393+00:00	Debian Importer	Affected by	VCID-jqe4-44gw-wbhu	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:14:49.113665+00:00	Debian Importer	Fixing	VCID-qmx9-wkj4-67h3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:12:07.652536+00:00	Debian Importer	Affected by	VCID-nktd-7gph-kkb1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:11:55.095131+00:00	Debian Importer	Affected by	VCID-v41j-xj8s-m7ar	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:10:24.289082+00:00	Debian Importer	Affected by	VCID-77y6-jskt-qucb	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:06:34.607694+00:00	Debian Importer	Affected by	VCID-yw8s-ezc7-6ub8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-02T17:03:49.803057+00:00	Debian Importer	Affected by	VCID-utz3-ytaf-cbht	https://security-tracker.debian.org/tracker/data/json	38.1.0