CLSA-2026-1777305047

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777305047.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2026-1777305047
Upstream
Published
2026-04-27T15:50:52Z
Modified
2026-05-27T11:18:16.862981365Z
Summary
expat: Fix of 3 CVEs
Details
  • CVE-2017-9233: Fix external entity infinite loop bug
  • CVE-2018-20843: Fix extraction of namespace prefix from XML name
  • CVE-2019-15903: Deny internal entities closing the doctype (heap overread)
References

Affected packages

TuxCare:OracleLinux:6 / expat

Package

Name
expat
Purl
pkg:rpm/tuxcare/expat?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.1-13.el6_8.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777305047.json"

TuxCare:OracleLinux:6 / expat-devel

Package

Name
expat-devel
Purl
pkg:rpm/tuxcare/expat-devel?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.1-13.el6_8.tuxcare.els8

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1777305047.json"