{"id":"ALSA-2020:4846","summary":"Moderate: mingw-expat security update","details":"Expat is a C library for parsing XML documents. The mingw-expat packages provide a port of the Expat library for MinGW. \n\nSecurity Fix(es):\n\n* expat: large number of colons in input makes parser consume high amount of resources, leading to DoS (CVE-2018-20843)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-02-04T02:15:45.775042Z","published":"2020-11-03T12:41:03Z","related":["CVE-2018-20843"],"references":[{"type":"REPORT","url":"https://vulners.com/cve/CVE-2018-20843"}],"affected":[{"package":{"name":"mingw32-expat","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/mingw32-expat"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.4-5.el8"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4846.json"}},{"package":{"name":"mingw64-expat","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/mingw64-expat"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.2.4-5.el8"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4846.json"}}],"schema_version":"1.7.3"}