An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.
| Platform | Package | Release Date | Advisory |
|---|---|---|---|
| HAQM Linux 2 - Core | expat | 2025-03-06 | ALAS2-2025-2774 |
| HAQM Linux 2023 | expat | 2025-01-09 | ALAS2023-2025-793 |
| HAQM Linux 2 - Firefox Extra | firefox | 2025-04-29 | ALAS2FIREFOX-2025-037 |
| HAQM Linux 2 - Core | thunderbird | 2025-04-16 | ALAS2-2025-2830 |
| Score Type | Score | Vector | |
|---|---|---|---|
| HAQM Linux | CVSSv3 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
| NVD | CVSSv3 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
