libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 9 | RedHat | expat-0:2.5.0-1.el9_3.1 | * |
| Red Hat Enterprise Linux 9 | RedHat | expat-0:2.5.0-1.el9_3.1 | * |
| Red Hat Enterprise Linux 9.2 Extended Update Support | RedHat | expat-0:2.5.0-1.el9_2.1 | * |
| Cadaver | Ubuntu | mantic | * |
| Coin3 | Ubuntu | trusty/esm | * |
| Expat | Ubuntu | esm-infra-legacy/trusty | * |
| Expat | Ubuntu | esm-infra/bionic | * |
| Expat | Ubuntu | esm-infra/xenial | * |
| Expat | Ubuntu | focal | * |
| Expat | Ubuntu | jammy | * |
| Expat | Ubuntu | mantic | * |
| Expat | Ubuntu | trusty/esm | * |
| Libxmltok | Ubuntu | devel | * |
| Libxmltok | Ubuntu | esm-apps/bionic | * |
| Libxmltok | Ubuntu | esm-apps/focal | * |
| Libxmltok | Ubuntu | esm-apps/jammy | * |
| Libxmltok | Ubuntu | esm-apps/noble | * |
| Libxmltok | Ubuntu | esm-apps/xenial | * |
| Libxmltok | Ubuntu | focal | * |
| Libxmltok | Ubuntu | jammy | * |
| Libxmltok | Ubuntu | mantic | * |
| Libxmltok | Ubuntu | noble | * |
| Libxmltok | Ubuntu | oracular | * |
| Matanza | Ubuntu | devel | * |
| Matanza | Ubuntu | esm-apps/bionic | * |
| Matanza | Ubuntu | esm-apps/focal | * |
| Matanza | Ubuntu | esm-apps/jammy | * |
| Matanza | Ubuntu | esm-apps/noble | * |
| Matanza | Ubuntu | esm-apps/xenial | * |
| Matanza | Ubuntu | focal | * |
| Matanza | Ubuntu | jammy | * |
| Matanza | Ubuntu | mantic | * |
| Matanza | Ubuntu | noble | * |
| Matanza | Ubuntu | oracular | * |
| Swish-e | Ubuntu | mantic | * |
| Tdom | Ubuntu | mantic | * |
| Vnc4 | Ubuntu | trusty/esm | * |
| Vtk | Ubuntu | trusty/esm | * |
| Wbxml2 | Ubuntu | mantic | * |
| Xmlrpc-c | Ubuntu | mantic | * |
| Xmlrpc-c | Ubuntu | trusty/esm | * |