CLSA-2026-1777304792

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1777304792.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1777304792
Upstream
Published
2026-04-29T07:08:01Z
Modified
2026-05-27T11:18:21.187231981Z
Summary
expat: Fix of 3 CVEs
Details
  • CVE-2017-9233: Fix external entity infinite loop bug
  • CVE-2018-20843: Fix extraction of namespace prefix from XML name
  • CVE-2019-15903: Deny internal entities closing the doctype (heap overread)
References

Affected packages

TuxCare:CentOS:6 / expat

Package

Name
expat
Purl
pkg:rpm/tuxcare/expat?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.1-13.el6_8.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1777304792.json"

TuxCare:CentOS:6 / expat-devel

Package

Name
expat-devel
Purl
pkg:rpm/tuxcare/expat-devel?distro=centos-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.1-13.el6_8.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1777304792.json"