CVE-2026-32777

Опубликовано: 16 мар. 2026

Источник: redhat

CVSS3: 4

EPSS Низкий

Описание

A flaw was found in libexpat. A remote attacker could exploit this vulnerability by providing specially crafted Document Type Definition (DTD) content. This could lead to an infinite loop during parsing, resulting in a Denial of Service (DoS) for the application using libexpat.

Отчет

This MODERATE impact flaw in libexpat can lead to a denial of service when processing specially crafted Document Type Definition (DTD) content, causing an infinite loop during parsing.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	expat	Fix deferred
Red Hat Enterprise Linux 6	compat-expat1	Fix deferred
Red Hat Enterprise Linux 6	expat	Fix deferred
Red Hat Enterprise Linux 7	expat	Fix deferred
Red Hat Enterprise Linux 8	expat	Fix deferred
Red Hat Enterprise Linux 8	mingw-expat	Fix deferred
Red Hat Enterprise Linux 9	expat	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=2447890libexpat: libexpat: Denial of Service via infinite loop in DTD content parsing

EPSS

Процентиль: 2%

0.00012

Низкий

4 Medium

CVSS3

Связанные уязвимости

CVE-2026-32777

CVSS3: 4

ubuntu

10 дней назад

libexpat before 2.7.5 allows an infinite loop while parsing DTD content.

CVE-2026-32777

CVSS3: 4

nvd

10 дней назад

libexpat before 2.7.5 allows an infinite loop while parsing DTD content.

CVE-2026-32777

msrc

10 дней назад

Описание отсутствует

CVE-2026-32777

CVSS3: 4

debian

10 дней назад

libexpat before 2.7.5 allows an infinite loop while parsing DTD conten ...

GHSA-9rpf-mhcj-gv7r

CVSS3: 4

github

10 дней назад

libexpat before 2.7.5 allows an infinite loop while parsing DTD content.

EPSS

Процентиль: 2%

0.00012

Низкий

4 Medium

CVSS3