Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2012-1148

Published: Jul 03, 2012 | Modified: Apr 11, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
5 MODERATE
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V3
7.5 MODERATE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
LOW
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2012-1148
CWEhttps://cwe.mitre.org/data/definitions/399.html

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause improperly-handled reallocation failures when expanding entities.

Affected Software

NameVendorStart VersionEnd Version
LibexpatLibexpat_project*2.0.1 (including)
LibexpatLibexpat_project1.95.1 (including)1.95.1 (including)
LibexpatLibexpat_project1.95.2 (including)1.95.2 (including)
LibexpatLibexpat_project1.95.4 (including)1.95.4 (including)
LibexpatLibexpat_project1.95.5 (including)1.95.5 (including)
LibexpatLibexpat_project1.95.6 (including)1.95.6 (including)
LibexpatLibexpat_project1.95.7 (including)1.95.7 (including)
LibexpatLibexpat_project1.95.8 (including)1.95.8 (including)
LibexpatLibexpat_project2.0.0 (including)2.0.0 (including)
Red Hat Enterprise Linux 5RedHatexpat-0:1.95.8-11.el5_8*
Red Hat Enterprise Linux 6RedHatexpat-0:2.0.1-11.el6_2*
Text-Only JBCSRedHatexpat*
AudacityUbuntuhardy*
AudacityUbuntukinetic*
AudacityUbuntulucid*
AudacityUbuntulunar*
AudacityUbuntumantic*
AudacityUbuntumaverick*
AudacityUbuntunatty*
AudacityUbuntuoneiric*
AudacityUbuntuquantal*
AudacityUbunturaring*
AudacityUbuntusaucy*
AudacityUbuntuutopic*
AudacityUbuntuvivid*
AyttmUbuntuesm-apps/xenial*
AyttmUbuntuhardy*
AyttmUbuntulucid*
AyttmUbuntumaverick*
AyttmUbuntunatty*
AyttmUbuntuoneiric*
AyttmUbuntuprecise*
AyttmUbuntuquantal*
AyttmUbunturaring*
AyttmUbuntusaucy*
AyttmUbuntutrusty*
AyttmUbuntuutopic*
AyttmUbuntuvivid*
AyttmUbuntuwily*
AyttmUbuntuxenial*
AyttmUbuntuyakkety*
CableswigUbuntuesm-apps/xenial*
CableswigUbuntuhardy*
CableswigUbuntulucid*
CableswigUbuntumaverick*
CableswigUbuntunatty*
CableswigUbuntuoneiric*
CableswigUbuntuprecise*
CableswigUbuntuquantal*
CableswigUbunturaring*
CableswigUbuntusaucy*
CableswigUbuntutrusty*
CableswigUbuntuutopic*
CableswigUbuntuvivid*
CableswigUbuntuwily*
CableswigUbuntuxenial*
CadaverUbuntuartful*
CadaverUbuntubionic*
CadaverUbuntucosmic*
CadaverUbuntudevel*
CadaverUbuntudisco*
CadaverUbuntueoan*
CadaverUbuntuesm-apps/bionic*
CadaverUbuntuesm-apps/focal*
CadaverUbuntuesm-apps/jammy*
CadaverUbuntuesm-apps/noble*
CadaverUbuntuesm-apps/xenial*
CadaverUbuntufocal*
CadaverUbuntugroovy*
CadaverUbuntuhardy*
CadaverUbuntuhirsute*
CadaverUbuntuimpish*
CadaverUbuntujammy*
CadaverUbuntukinetic*
CadaverUbuntulucid*
CadaverUbuntulunar*
CadaverUbuntumantic*
CadaverUbuntumaverick*
CadaverUbuntunatty*
CadaverUbuntunoble*
CadaverUbuntuoneiric*
CadaverUbuntuoracular*
CadaverUbuntuplucky*
CadaverUbuntuprecise*
CadaverUbuntuquantal*
CadaverUbuntuquesting*
CadaverUbunturaring*
CadaverUbuntusaucy*
CadaverUbuntutrusty*
CadaverUbuntuutopic*
CadaverUbuntuvivid*
CadaverUbuntuwily*
CadaverUbuntuxenial*
CadaverUbuntuyakkety*
CadaverUbuntuzesty*
CmakeUbuntuhardy*
Coin3Ubuntuartful*
Coin3Ubuntubionic*
Coin3Ubuntucosmic*
Coin3Ubuntuesm-apps/bionic*
Coin3Ubuntuesm-apps/xenial*
Coin3Ubuntuesm-infra-legacy/trusty*
Coin3Ubuntulucid*
Coin3Ubuntumaverick*
Coin3Ubuntunatty*
Coin3Ubuntuoneiric*
Coin3Ubuntuprecise*
Coin3Ubuntuquantal*
Coin3Ubunturaring*
Coin3Ubuntusaucy*
Coin3Ubuntutrusty*
Coin3Ubuntutrusty/esm*
Coin3Ubuntuutopic*
Coin3Ubuntuvivid*
Coin3Ubuntuwily*
Coin3Ubuntuxenial*
Coin3Ubuntuyakkety*
Coin3Ubuntuzesty*
ExpatUbuntuhardy*
ExpatUbuntulucid*
ExpatUbuntumaverick*
ExpatUbuntunatty*
ExpatUbuntuoneiric*
ExpatUbuntuprecise*
ExpatUbuntuupstream*
GdcmUbuntulucid*
GdcmUbuntumaverick*
GdcmUbuntunatty*
GdcmUbuntuoneiric*
GdcmUbuntuquantal*
GdcmUbunturaring*
GdcmUbuntusaucy*
GdcmUbuntuutopic*
GdcmUbuntuvivid*
GrmonitorUbuntuhardy*
InsighttoolkitUbuntuesm-apps/xenial*
InsighttoolkitUbuntuhardy*
InsighttoolkitUbuntulucid*
InsighttoolkitUbuntumaverick*
InsighttoolkitUbuntunatty*
InsighttoolkitUbuntuoneiric*
InsighttoolkitUbuntuprecise*
InsighttoolkitUbuntuquantal*
InsighttoolkitUbunturaring*
InsighttoolkitUbuntusaucy*
InsighttoolkitUbuntutrusty*
InsighttoolkitUbuntuutopic*
InsighttoolkitUbuntuvivid*
InsighttoolkitUbuntuwily*
InsighttoolkitUbuntuxenial*
KompozerUbuntuhardy*
KompozerUbuntulucid*
KompozerUbuntumaverick*
KompozerUbuntunatty*
KompozerUbuntuoneiric*
KompozerUbuntuprecise*
Libparagui1.1Ubuntuhardy*
Libparagui1.1Ubuntulucid*
Libparagui1.1Ubuntumaverick*
Libparagui1.1Ubuntunatty*
Libparagui1.1Ubuntuoneiric*
Libparagui1.1Ubuntuprecise*
LibxmltokUbuntubionic*
LibxmltokUbuntuesm-apps/bionic*
LibxmltokUbuntuesm-apps/focal*
LibxmltokUbuntuesm-apps/jammy*
LibxmltokUbuntuesm-apps/noble*
LibxmltokUbuntuesm-apps/xenial*
LibxmltokUbuntufocal*
LibxmltokUbuntuhirsute*
LibxmltokUbuntuimpish*
LibxmltokUbuntujammy*
LibxmltokUbuntukinetic*
LibxmltokUbuntulunar*
LibxmltokUbuntumantic*
LibxmltokUbuntunoble*
LibxmltokUbuntuoracular*
LibxmltokUbuntuplucky*
LibxmltokUbuntutrusty*
LibxmltokUbuntuupstream*
LibxmltokUbuntuxenial*
MatanzaUbuntuartful*
MatanzaUbuntubionic*
MatanzaUbuntucosmic*
MatanzaUbuntudevel*
MatanzaUbuntudisco*
MatanzaUbuntueoan*
MatanzaUbuntuesm-apps/bionic*
MatanzaUbuntuesm-apps/focal*
MatanzaUbuntuesm-apps/jammy*
MatanzaUbuntuesm-apps/noble*
MatanzaUbuntuesm-apps/xenial*
MatanzaUbuntufocal*
MatanzaUbuntugroovy*
MatanzaUbuntuhardy*
MatanzaUbuntuhirsute*
MatanzaUbuntuimpish*
MatanzaUbuntujammy*
MatanzaUbuntukinetic*
MatanzaUbuntulucid*
MatanzaUbuntulunar*
MatanzaUbuntumantic*
MatanzaUbuntumaverick*
MatanzaUbuntunatty*
MatanzaUbuntunoble*
MatanzaUbuntuoneiric*
MatanzaUbuntuoracular*
MatanzaUbuntuplucky*
MatanzaUbuntuprecise*
MatanzaUbuntuquantal*
MatanzaUbuntuquesting*
MatanzaUbunturaring*
MatanzaUbuntusaucy*
MatanzaUbuntutrusty*
MatanzaUbuntuutopic*
MatanzaUbuntuvivid*
MatanzaUbuntuwily*
MatanzaUbuntuxenial*
MatanzaUbuntuyakkety*
MatanzaUbuntuzesty*
ParaviewUbuntulucid*
ParaviewUbuntumaverick*
ParaviewUbuntunatty*
ParaviewUbuntuoneiric*
ParaviewUbuntuplucky*
ParaviewUbuntuquantal*
ParaviewUbunturaring*
ParaviewUbuntusaucy*
ParaviewUbuntuutopic*
ParaviewUbuntuvivid*
PocoUbuntuhardy*
PocoUbuntulucid*
PocoUbuntumaverick*
PocoUbuntunatty*
PocoUbuntuoneiric*
PocoUbuntuquantal*
PocoUbunturaring*
PocoUbuntusaucy*
PocoUbuntuutopic*
PocoUbuntuvivid*
Python-xmlUbuntuhardy*
Python2.4Ubuntuhardy*
Python2.5Ubuntuhardy*
SimgearUbuntuhardy*
SimgearUbuntulucid*
SimgearUbuntumaverick*
SimgearUbuntunatty*
SimgearUbuntuoneiric*
SimgearUbuntuprecise*
SimgearUbuntuquantal*
SimgearUbunturaring*
SimgearUbuntusaucy*
SimgearUbuntuutopic*
SimgearUbuntuvivid*
SitecopyUbuntuartful*
SitecopyUbuntuhardy*
SitecopyUbuntulucid*
SitecopyUbuntumaverick*
SitecopyUbuntunatty*
SitecopyUbuntuoneiric*
SitecopyUbuntuoracular*
SitecopyUbuntuplucky*
SitecopyUbuntuprecise*
SitecopyUbuntuquantal*
SitecopyUbunturaring*
SitecopyUbuntusaucy*
SitecopyUbuntutrusty*
SitecopyUbuntuutopic*
SitecopyUbuntuvivid*
SitecopyUbuntuwily*
SitecopyUbuntuyakkety*
SitecopyUbuntuzesty*
Swish-eUbuntuartful*
Swish-eUbuntubionic*
Swish-eUbuntucosmic*
Swish-eUbuntudevel*
Swish-eUbuntudisco*
Swish-eUbuntueoan*
Swish-eUbuntuesm-apps/bionic*
Swish-eUbuntuesm-apps/focal*
Swish-eUbuntuesm-apps/jammy*
Swish-eUbuntuesm-apps/noble*
Swish-eUbuntuesm-apps/xenial*
Swish-eUbuntufocal*
Swish-eUbuntugroovy*
Swish-eUbuntuhardy*
Swish-eUbuntuhirsute*
Swish-eUbuntuimpish*
Swish-eUbuntujammy*
Swish-eUbuntukinetic*
Swish-eUbuntulucid*
Swish-eUbuntulunar*
Swish-eUbuntumantic*
Swish-eUbuntumaverick*
Swish-eUbuntunatty*
Swish-eUbuntunoble*
Swish-eUbuntuoneiric*
Swish-eUbuntuoracular*
Swish-eUbuntuplucky*
Swish-eUbuntuprecise*
Swish-eUbuntuquantal*
Swish-eUbuntuquesting*
Swish-eUbunturaring*
Swish-eUbuntusaucy*
Swish-eUbuntutrusty*
Swish-eUbuntuutopic*
Swish-eUbuntuvivid*
Swish-eUbuntuwily*
Swish-eUbuntuxenial*
Swish-eUbuntuyakkety*
Swish-eUbuntuzesty*
TdomUbuntuartful*
TdomUbuntulucid*
TdomUbuntumaverick*
TdomUbuntunatty*
TdomUbuntuoneiric*
TdomUbuntuprecise*
TdomUbuntuquantal*
TdomUbunturaring*
TdomUbuntusaucy*
TdomUbuntutrusty*
TdomUbuntuutopic*
TdomUbuntuvivid*
TdomUbuntuwily*
TdomUbuntuyakkety*
TdomUbuntuzesty*
TlaUbuntuartful*
TlaUbuntuhardy*
TlaUbuntulucid*
TlaUbuntumaverick*
TlaUbuntunatty*
TlaUbuntuoneiric*
TlaUbuntuprecise*
TlaUbuntuquantal*
TlaUbunturaring*
TlaUbuntusaucy*
TlaUbuntuutopic*
TlaUbuntuvivid*
TlaUbuntuwily*
TlaUbuntuyakkety*
TlaUbuntuzesty*
Vnc4Ubuntuartful*
Vnc4Ubuntubionic*
Vnc4Ubuntucosmic*
Vnc4Ubuntudisco*
Vnc4Ubuntueoan*
Vnc4Ubuntuesm-apps/bionic*
Vnc4Ubuntuesm-apps/xenial*
Vnc4Ubuntuesm-infra-legacy/trusty*
Vnc4Ubuntuhardy*
Vnc4Ubuntulucid*
Vnc4Ubuntumaverick*
Vnc4Ubuntunatty*
Vnc4Ubuntuoneiric*
Vnc4Ubuntuprecise*
Vnc4Ubuntuquantal*
Vnc4Ubunturaring*
Vnc4Ubuntusaucy*
Vnc4Ubuntutrusty*
Vnc4Ubuntutrusty/esm*
Vnc4Ubuntuupstream*
Vnc4Ubuntuutopic*
Vnc4Ubuntuvivid*
Vnc4Ubuntuwily*
Vnc4Ubuntuxenial*
Vnc4Ubuntuyakkety*
Vnc4Ubuntuzesty*
VtkUbuntuhardy*
VtkUbuntulucid*
VtkUbuntumaverick*
VtkUbuntunatty*
VtkUbuntuoneiric*
VtkUbuntuprecise*
VtkUbuntuquantal*
VtkUbunturaring*
VtkUbuntusaucy*
VtkUbuntuutopic*
VtkUbuntuvivid*
VtkUbuntuwily*
W3c-libwwwUbuntuhardy*
Wbxml2Ubuntuartful*
Wbxml2Ubuntuhardy*
Wbxml2Ubuntulucid*
Wbxml2Ubuntumaverick*
Wbxml2Ubuntunatty*
Wbxml2Ubuntuoneiric*
Wbxml2Ubuntuprecise*
Wbxml2Ubuntuquantal*
Wbxml2Ubunturaring*
Wbxml2Ubuntusaucy*
Wbxml2Ubuntutrusty*
Wbxml2Ubuntuutopic*
Wbxml2Ubuntuvivid*
Wbxml2Ubuntuwily*
Wbxml2Ubuntuyakkety*
Wbxml2Ubuntuzesty*
Wxwidgets2.6Ubuntuhardy*
Wxwidgets2.6Ubuntulucid*
Wxwidgets2.6Ubuntumaverick*
Wxwidgets2.6Ubuntunatty*
Wxwidgets2.6Ubuntuoneiric*
Wxwidgets2.6Ubuntuprecise*
Wxwidgets2.8Ubuntuhardy*
Wxwidgets2.8Ubuntulucid*
Wxwidgets2.8Ubuntumaverick*
Wxwidgets2.8Ubuntunatty*
Wxwidgets2.8Ubuntuoneiric*
Wxwidgets2.8Ubuntuprecise*
Wxwidgets2.8Ubuntuquantal*
Wxwidgets2.8Ubunturaring*
Wxwidgets2.8Ubuntusaucy*
Wxwidgets2.8Ubuntuutopic*
Wxwidgets2.8Ubuntuvivid*
Wxwidgets2.8Ubuntuwily*
Wxwindows2.4Ubuntuhardy*
Xmlrpc-cUbuntuartful*
Xmlrpc-cUbuntubionic*
Xmlrpc-cUbuntucosmic*
Xmlrpc-cUbuntudevel*
Xmlrpc-cUbuntudisco*
Xmlrpc-cUbuntueoan*
Xmlrpc-cUbuntuesm-apps/bionic*
Xmlrpc-cUbuntuesm-apps/focal*
Xmlrpc-cUbuntuesm-apps/jammy*
Xmlrpc-cUbuntuesm-apps/noble*
Xmlrpc-cUbuntuesm-apps/xenial*
Xmlrpc-cUbuntuesm-infra-legacy/trusty*
Xmlrpc-cUbuntufocal*
Xmlrpc-cUbuntugroovy*
Xmlrpc-cUbuntuhardy*
Xmlrpc-cUbuntuhirsute*
Xmlrpc-cUbuntuimpish*
Xmlrpc-cUbuntujammy*
Xmlrpc-cUbuntukinetic*
Xmlrpc-cUbuntulucid*
Xmlrpc-cUbuntulunar*
Xmlrpc-cUbuntumantic*
Xmlrpc-cUbuntumaverick*
Xmlrpc-cUbuntunatty*
Xmlrpc-cUbuntunoble*
Xmlrpc-cUbuntuoneiric*
Xmlrpc-cUbuntuoracular*
Xmlrpc-cUbuntuplucky*
Xmlrpc-cUbuntuprecise*
Xmlrpc-cUbuntuquantal*
Xmlrpc-cUbuntuquesting*
Xmlrpc-cUbunturaring*
Xmlrpc-cUbuntusaucy*
Xmlrpc-cUbuntutrusty*
Xmlrpc-cUbuntutrusty/esm*
Xmlrpc-cUbuntuutopic*
Xmlrpc-cUbuntuvivid*
Xmlrpc-cUbuntuwily*
Xmlrpc-cUbuntuxenial*
Xmlrpc-cUbuntuyakkety*
Xmlrpc-cUbuntuzesty*
XotclUbuntuartful*
XotclUbuntucosmic*
XotclUbuntudisco*
XotclUbuntueoan*
XotclUbuntulucid*
XotclUbuntumaverick*
XotclUbuntunatty*
XotclUbuntuoneiric*
XotclUbuntuprecise*
XotclUbuntuquantal*
XotclUbunturaring*
XotclUbuntusaucy*
XotclUbuntutrusty*
XotclUbuntuutopic*
XotclUbuntuvivid*
XotclUbuntuwily*
XotclUbuntuyakkety*
XotclUbuntuzesty*
XulrunnerUbuntuhardy*

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use