CVE-2024-50602

Опубликовано: 27 окт. 2024

Источник: debian

EPSS Низкий

Описание

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
expat	fixed	2.6.3-2		package
expat	fixed	2.5.0-1+deb12u2	bookworm	package
libxmltok	removed			package
libxmltok	ignored		bookworm	package

Примечания

https://github.com/libexpat/libexpat/pull/915
https://github.com/libexpat/libexpat/commit/51c7019069b862e88d94ed228659e70bddd5de09 (R_2_6_4)
https://github.com/libexpat/libexpat/commit/5fb89e7b3afa1c314b34834fe729cd063f65a4d4 (R_2_6_4)
https://github.com/libexpat/libexpat/commit/b3836ff534c7cc78128fe7b935aad3d4353814ed (R_2_6_4)

EPSS

Процентиль: 30%

0.00109

Низкий

Связанные уязвимости

CVE-2024-50602

CVSS3: 5.9

ubuntu

около 1 года назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

CVE-2024-50602

CVSS3: 5.9

redhat

около 1 года назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

CVE-2024-50602

CVSS3: 5.9

nvd

около 1 года назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

CVE-2024-50602

CVSS3: 5.9

msrc

около 1 года назад

Описание отсутствует

SUSE-SU-2024:4412-1

suse-cvrf

11 месяцев назад

Security update for mozjs78

EPSS

Процентиль: 30%

0.00109

Низкий