Skip to main content
Vulnerability Intelligence
Platform
Solutions
Customers
Resources
Company
Login
Get Demo
SUSE-SU-2026:0647-1 | Mondoo Vulnerability Intelligence
Vulnerability Intelligence
SUSE-SU-2026:0647-1
SUSE-SU-2026:0647-1
UNKNOWN
Security update for expat
Published Feb 25, 2026
Modified 1 weeks ago
Fix available
Details
This update for expat fixes the following issues:
CVE-2026-24515: Fixed a null dereference in XML_ExternalEntityParserCreate. (bsc#1257144)
CVE-2026-25210: Fixed an integer overflow in doContent. (bsc#1257496)
Affected Packages
expat
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
2.7.1-21.49.1
libexpat-devel
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
2.7.1-21.49.1
libexpat1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
2.7.1-21.49.1
libexpat1-32bit
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Fixed in:
2.7.1-21.49.1
References
REPORT
https://bugzilla.suse.com/1257144
REPORT
https://bugzilla.suse.com/1257496
WEB
https://www.suse.com/security/cve/CVE-2026-24515
WEB
https://www.suse.com/security/cve/CVE-2026-25210
ADVISORY
https://www.suse.com/support/update/announcement/2026/suse-su-20260647-1/
Upstream
CVE-2026-24515
CVE-2026-25210
Related
CVE-2026-24515
CVE-2026-25210
Ecosystems
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
Timeline
Published
Feb 25, 2026
Modified
Feb 25, 2026