JLSEC-2025-173
- Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/blob/main/advisories/published/2025/JLSEC-2025-173.md
- Import Source
- https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2025/JLSEC-2025-173.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/JLSEC-2025-173
- Upstream
- Published
- 2025-10-21T14:51:00.329Z
- Modified
- 2025-11-03T00:04:59.230764Z
- Summary
- libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a sm...
- Details
-
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.
- Database specific
{ "license": "CC-BY-4.0", "sources": [ { "html_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375", "imported": "2025-10-21T14:28:06.192Z", "id": "CVE-2025-59375", "modified": "2025-10-17T19:26:36.673Z", "url": "https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-59375", "published": "2025-09-15T03:15:40.920Z" } ] }- References
-
- https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
- https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
- https://github.com/libexpat/libexpat/issues/1018
- https://github.com/libexpat/libexpat/pull/1034
- https://issues.oss-fuzz.com/issues/439133977