CVE-2024-50602

Опубликовано: 27 окт. 2024

Источник: debian

Описание

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.6.3-2		package
expat	no-dsa		bookworm	package
libxmltok	removed			package
libxmltok	ignored		bookworm	package

Примечания

https://github.com/libexpat/libexpat/pull/915
https://github.com/libexpat/libexpat/commit/51c7019069b862e88d94ed228659e70bddd5de09 (R_2_6_4)
https://github.com/libexpat/libexpat/commit/5fb89e7b3afa1c314b34834fe729cd063f65a4d4 (R_2_6_4)
https://github.com/libexpat/libexpat/commit/b3836ff534c7cc78128fe7b935aad3d4353814ed (R_2_6_4)

Связанные уязвимости

CVE-2024-50602

CVSS3: 5.9

ubuntu

8 месяцев назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

CVE-2024-50602

CVSS3: 5.9

redhat

8 месяцев назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

CVE-2024-50602

CVSS3: 5.9

nvd

8 месяцев назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

CVE-2024-50602

CVSS3: 5.9

msrc

7 месяцев назад

Описание отсутствует

SUSE-SU-2024:4412-1

suse-cvrf

6 месяцев назад

Security update for mozjs78