Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-50602

Опубликовано: 27 окт. 2024
Источник: redhat
CVSS3: 5.9
EPSS Низкий

Описание

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

A security issue was found in Expat (libexpat). A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 10expatNot affected
Red Hat Enterprise Linux 7expatOut of support scope
Red Hat Enterprise Linux 8mingw-expatWill not fix
Red Hat Enterprise Linux 8expatFixedRHSA-2024:950213.11.2024
Red Hat Enterprise Linux 9expatFixedRHSA-2024:954113.11.2024
Red Hat Enterprise Linux 9expatFixedRHSA-2024:954113.11.2024
Red Hat Enterprise Linux 9.2 Extended Update SupportexpatFixedRHSA-2025:335027.03.2025
Red Hat Enterprise Linux 9.4 Extended Update SupportexpatFixedRHSA-2024:1120017.12.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-754
https://bugzilla.redhat.com/show_bug.cgi?id=2321987libexpat: expat: DoS via XML_ResumeParser

EPSS

Процентиль: 32%
0.00127
Низкий

5.9 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2024-50602

CVSS3: 5.9
ubuntu
больше 1 года назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

nvd логотип

CVE-2024-50602

CVSS3: 5.9
nvd
больше 1 года назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

msrc логотип

CVE-2024-50602

CVSS3: 5.9
msrc
больше 1 года назад

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

debian логотип

CVE-2024-50602

CVSS3: 5.9
debian
больше 1 года назад

An issue was discovered in libexpat before 2.6.4. There is a crash wit ...

suse-cvrf логотип

SUSE-SU-2024:4412-1

suse-cvrf
больше 1 года назад

Security update for mozjs78

EPSS

Процентиль: 32%
0.00127
Низкий

5.9 Medium

CVSS3