CVE-2019-15903

HIGH

libexpat <2.2.8 - Buffer Overflow

Title source: llm

Description

In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.

References (59)

[Mailing List, Third Party Advisory] https://seclists.org/bugtraq/2019/Sep/30

[Third Party Advisory] https://usn.ubuntu.com/4132-2/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BDUTI5TVQWIGGQXPEVI4T2ENHFSBMIBP/

[Third Party Advisory] https://www.debian.org/security/2019/dsa-4530

[Mailing List, Third Party Advisory] https://seclists.org/bugtraq/2019/Sep/37

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A4TZKPJFTURRLXIGLB34WVKQ5HGY6JJA/

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00081.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00080.html

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S26LGXXQ7YF2BP3RGOWELBFKM6BHF6UG/

[Mailing List, Third Party Advisory] https://seclists.org/bugtraq/2019/Oct/29

[Third Party Advisory] https://usn.ubuntu.com/4165-1/

[Third Party Advisory] https://www.debian.org/security/2019/dsa-4549

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2019:3210

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2019:3237

[Mailing List, Third Party Advisory] https://seclists.org/bugtraq/2019/Nov/1

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00000.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00002.html

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00003.html

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2019:3756

[Mailing List, Third Party Advisory] http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00013.html

... and 39 more

Scores

CVSS v3 7.5

EPSS 0.0020

EPSS Percentile 41.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-776 CWE-125

Status published

Products (2)

libexpat_project/libexpat < 2.2.8

python/python 2.7.0 - 2.7.17

Published Sep 04, 2019

Tracked Since Feb 18, 2026