CVE-2024-50614

Опубликовано: 27 окт. 2024

Источник: redhat

CVSS3: 6.5

EPSS Низкий

Описание

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.

A flaw was found in the TinyXML2 package. A reachable assertion error may be triggered via a specially-crafted XML file, which can lead to a denial of service.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 8	tinyxml2	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-617

https://bugzilla.redhat.com/show_bug.cgi?id=2322054tinyxml2: reachable assertion in GetCharacterRef()

EPSS

Процентиль: 20%

0.00063

Низкий

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2024-50614

CVSS3: 6.5

ubuntu

около 1 года назад

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.

CVE-2024-50614

CVSS3: 6.5

nvd

около 1 года назад

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.

CVE-2024-50614

CVSS3: 6.5

msrc

около 2 месяцев назад

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.

CVE-2024-50614

CVSS3: 6.5

debian

около 1 года назад

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, tha ...

GHSA-xpm9-95h9-q996

CVSS3: 6.5

github

около 1 года назад

TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.

EPSS

Процентиль: 20%

0.00063

Низкий

6.5 Medium

CVSS3