Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2018-20843

Improper Restriction of XML External Entity Reference

Published: Jun 24, 2019 | Modified: May 30, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
LOW
Vulnerability-free packages from our partners
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2018-20843
CWEhttps://cwe.mitre.org/data/definitions/611.html

In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing (enough to be usable for denial-of-service attacks).

Weakness

The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.

Affected Software

Name Vendor Start Version End Version
Libexpat Libexpat_project * 2.2.7 (excluding)
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-curl-0:7.64.1-36.jbcs.el6 *
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el6 *
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el6 *
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el6 *
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el6 *
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el6 *
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el6 *
JBoss Core Services on RHEL 6 RedHat jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el6 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-curl-0:7.64.1-36.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-httpd-0:2.4.37-57.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_cluster-native-0:1.3.14-4.Final_redhat_2.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_http2-0:1.15.7-3.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_jk-0:1.2.48-4.redhat_1.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_md-1:2.0.8-24.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-mod_security-0:2.9.2-51.GA.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-nghttp2-0:1.39.2-25.jbcs.el7 *
JBoss Core Services on RHEL 7 RedHat jbcs-httpd24-openssl-pkcs11-0:0.4.10-7.jbcs.el7 *
Red Hat Enterprise Linux 7 RedHat expat-0:2.1.0-12.el7 *
Red Hat Enterprise Linux 8 RedHat mingw-expat-0:2.2.4-5.el8 *
Red Hat Enterprise Linux 8 RedHat expat-0:2.2.5-4.el8 *
Red Hat Enterprise Linux 8.2 Advanced Update Support RedHat expat-0:2.2.10-1.el8_2 *
Red Hat OpenShift Do RedHat openshiftdo/odo-init-image-rhel7:1.1.3-2 *
Text-Only JBCS RedHat expat *
Apache2 Ubuntu trusty *
Apr-util Ubuntu trusty *
Audacity Ubuntu kinetic *
Audacity Ubuntu lunar *
Audacity Ubuntu mantic *
Audacity Ubuntu trusty *
Ayttm Ubuntu trusty *
Ayttm Ubuntu xenial *
Cableswig Ubuntu trusty *
Cableswig Ubuntu xenial *
Cadaver Ubuntu bionic *
Cadaver Ubuntu cosmic *
Cadaver Ubuntu disco *
Cadaver Ubuntu eoan *
Cadaver Ubuntu focal *
Cadaver Ubuntu groovy *
Cadaver Ubuntu hirsute *
Cadaver Ubuntu impish *
Cadaver Ubuntu kinetic *
Cadaver Ubuntu lunar *
Cadaver Ubuntu mantic *
Cadaver Ubuntu oracular *
Cadaver Ubuntu trusty *
Cadaver Ubuntu xenial *
Cmake Ubuntu trusty *
Coin3 Ubuntu bionic *
Coin3 Ubuntu cosmic *
Coin3 Ubuntu disco *
Coin3 Ubuntu eoan *
Coin3 Ubuntu esm-apps/bionic *
Coin3 Ubuntu esm-apps/xenial *
Coin3 Ubuntu esm-infra-legacy/trusty *
Coin3 Ubuntu groovy *
Coin3 Ubuntu trusty *
Coin3 Ubuntu trusty/esm *
Coin3 Ubuntu xenial *
Expat Ubuntu bionic *
Expat Ubuntu cosmic *
Expat Ubuntu devel *
Expat Ubuntu disco *
Expat Ubuntu eoan *
Expat Ubuntu esm-infra-legacy/trusty *
Expat Ubuntu esm-infra/bionic *
Expat Ubuntu esm-infra/focal *
Expat Ubuntu esm-infra/xenial *
Expat Ubuntu focal *
Expat Ubuntu groovy *
Expat Ubuntu hirsute *
Expat Ubuntu impish *
Expat Ubuntu jammy *
Expat Ubuntu kinetic *
Expat Ubuntu lunar *
Expat Ubuntu mantic *
Expat Ubuntu noble *
Expat Ubuntu oracular *
Expat Ubuntu plucky *
Expat Ubuntu questing *
Expat Ubuntu trusty *
Expat Ubuntu trusty/esm *
Expat Ubuntu upstream *
Expat Ubuntu xenial *
Firefox Ubuntu cosmic *
Firefox Ubuntu disco *
Firefox Ubuntu trusty *
Gdcm Ubuntu trusty *
Ghostscript Ubuntu trusty *
Insighttoolkit Ubuntu trusty *
Insighttoolkit Ubuntu xenial *
Insighttoolkit4 Ubuntu esm-apps/xenial *
Insighttoolkit4 Ubuntu trusty *
Insighttoolkit4 Ubuntu xenial *
Libxmltok Ubuntu bionic *
Libxmltok Ubuntu esm-apps/bionic *
Libxmltok Ubuntu esm-apps/focal *
Libxmltok Ubuntu esm-apps/jammy *
Libxmltok Ubuntu esm-apps/noble *
Libxmltok Ubuntu esm-apps/xenial *
Libxmltok Ubuntu focal *
Libxmltok Ubuntu hirsute *
Libxmltok Ubuntu impish *
Libxmltok Ubuntu jammy *
Libxmltok Ubuntu kinetic *
Libxmltok Ubuntu lunar *
Libxmltok Ubuntu mantic *
Libxmltok Ubuntu noble *
Libxmltok Ubuntu oracular *
Libxmltok Ubuntu plucky *
Libxmltok Ubuntu trusty *
Libxmltok Ubuntu upstream *
Libxmltok Ubuntu xenial *
Matanza Ubuntu bionic *
Matanza Ubuntu cosmic *
Matanza Ubuntu devel *
Matanza Ubuntu disco *
Matanza Ubuntu eoan *
Matanza Ubuntu esm-apps/bionic *
Matanza Ubuntu esm-apps/focal *
Matanza Ubuntu esm-apps/jammy *
Matanza Ubuntu esm-apps/noble *
Matanza Ubuntu esm-apps/xenial *
Matanza Ubuntu focal *
Matanza Ubuntu groovy *
Matanza Ubuntu hirsute *
Matanza Ubuntu impish *
Matanza Ubuntu jammy *
Matanza Ubuntu kinetic *
Matanza Ubuntu lunar *
Matanza Ubuntu mantic *
Matanza Ubuntu noble *
Matanza Ubuntu oracular *
Matanza Ubuntu plucky *
Matanza Ubuntu questing *
Matanza Ubuntu trusty *
Matanza Ubuntu xenial *
Poco Ubuntu trusty *
Simgear Ubuntu trusty *
Sitecopy Ubuntu oracular *
Sitecopy Ubuntu trusty *
Smart Ubuntu trusty *
Swish-e Ubuntu bionic *
Swish-e Ubuntu cosmic *
Swish-e Ubuntu disco *
Swish-e Ubuntu eoan *
Swish-e Ubuntu focal *
Swish-e Ubuntu groovy *
Swish-e Ubuntu hirsute *
Swish-e Ubuntu impish *
Swish-e Ubuntu kinetic *
Swish-e Ubuntu lunar *
Swish-e Ubuntu mantic *
Swish-e Ubuntu oracular *
Swish-e Ubuntu trusty *
Swish-e Ubuntu xenial *
Tdom Ubuntu cosmic *
Tdom Ubuntu trusty *
Texlive-bin Ubuntu trusty *
Thunderbird Ubuntu cosmic *
Thunderbird Ubuntu disco *
Thunderbird Ubuntu trusty *
Vnc4 Ubuntu bionic *
Vnc4 Ubuntu cosmic *
Vnc4 Ubuntu esm-apps/bionic *
Vnc4 Ubuntu esm-apps/xenial *
Vnc4 Ubuntu esm-infra-legacy/trusty *
Vnc4 Ubuntu trusty *
Vnc4 Ubuntu trusty/esm *
Vnc4 Ubuntu upstream *
Vnc4 Ubuntu xenial *
Vtk Ubuntu esm-apps/xenial *
Vtk Ubuntu esm-infra-legacy/trusty *
Vtk Ubuntu trusty *
Vtk Ubuntu trusty/esm *
Vtk Ubuntu xenial *
Wbxml2 Ubuntu trusty *
Wxwidgets2.8 Ubuntu trusty *
Xmlrpc-c Ubuntu bionic *
Xmlrpc-c Ubuntu cosmic *
Xmlrpc-c Ubuntu disco *
Xmlrpc-c Ubuntu eoan *
Xmlrpc-c Ubuntu focal *
Xmlrpc-c Ubuntu groovy *
Xmlrpc-c Ubuntu hirsute *
Xmlrpc-c Ubuntu impish *
Xmlrpc-c Ubuntu kinetic *
Xmlrpc-c Ubuntu lunar *
Xmlrpc-c Ubuntu mantic *
Xmlrpc-c Ubuntu oracular *
Xmlrpc-c Ubuntu trusty *
Xmlrpc-c Ubuntu trusty/esm *
Xmlrpc-c Ubuntu xenial *

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use