CVE-2024-45492 | libexpat up to 2.6.2 xmlparse.c m_groupSize UINT_MAX integer overflow (ID 889)

Inserito da Angelo Barbosa | Ago 30, 2024 | CVE

A vulnerability classified as problematic has been found in libexpat up to 2.6.2. This affects the function m_groupSize of the file xmlparse.c. The manipulation of the argument UINT_MAX leads to integer overflow.

This vulnerability is uniquely identified as CVE-2024-45492. The attack can only be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-45492 | libexpat up to 2.6.2 xmlparse.c m_groupSize UINT_MAX integer overflow (ID 889)

Post correlati

Mozilla Firefox Reader Mode cross site scripting

CVE-2024-6121 | NI SystemLink Server/FlexLogger Redis vulnerable third-party component

CVE-2024-32353 | Totolink X5000R 9.1.0cu.2350_B20230313 /cgi-bin/cstecgi.cgi setSSServer port command injection

CVE-2024-8517 | SPIP up to 4.1.18/4.2.15/4.3.1 Multipart File Upload reliance on file name or extension of externally-supplied file