expat-devel (AlmaLinux:10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:10 package expat-devel, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2024-8176 — CVSS 7.5 (high): A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When…
CVE-2025-59375 — CVSS 7.5 (high): libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for…
CVE-2026-45186 — CVSS 2.9 (low): In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized…