Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-45491HistoryAug 30, 2024 - 3:15 a.m.
CVE-2024-45491
2024-08-3003:15:03
Debian Security Bug Tracker
security-tracker.debian.org
4
vulnerability
libexpat
integer overflow
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
39.7%
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | expat | < 2.5.0-1+deb12u1 | expat_2.5.0-1+deb12u1_all.deb |
| Debian | 11 | all | expat | < 2.2.10-2+deb11u6 | expat_2.2.10-2+deb11u6_all.deb |
| Debian | 999 | all | expat | < 2.6.2-2 | expat_2.6.2-2_all.deb |
| Debian | 13 | all | expat | < 2.6.2-2 | expat_2.6.2-2_all.deb |
Related
osv
osv
CVE-2024-45491
2024-08-30 03:15:03
libxmltok vulnerabilities
2024-09-17 11:54:23
libxmltok vulnerabilities
2024-09-12 10:20:05
cve
cve
CVE-2024-45491
2024-08-30 03:15:03
vulnrichment
vulnrichment
CVE-2024-45491
2024-08-30 00:00:00
ubuntucve
ubuntucve
CVE-2024-45491
2024-09-03 00:00:00
redhatcve
redhatcve
CVE-2024-45491
2024-09-05 07:14:59
nvd
nvd
CVE-2024-45491
2024-08-30 03:15:03
cvelist
cvelist
CVE-2024-45491
2024-08-30 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-45491 affecting package expat for versions less than 2.6.3-1
2024-09-13 18:09:05
alpinelinux
alpinelinux
CVE-2024-45491
2024-08-30 03:15:03
nessus
nessus
CBL Mariner 2.0 Security Update: expat (CVE-2024-45491)
2024-09-14 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : xmltok library vulnerabilities (USN-7001-1)
2024-09-12 00:00:00
Ubuntu 24.04 LTS : xmltok library vulnerabilities (USN-7001-2)
2024-09-17 00:00:00
cloudlinux
cloudlinux
expat: Fix of 2 CVEs
2024-09-10 18:46:09
redos
redos
ROS-20240829-10
2024-08-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-7001-2)
2024-09-18 00:00:00
Ubuntu: Security Advisory (USN-7001-1)
2024-09-12 00:00:00
Ubuntu: Security Advisory (USN-7000-2)
2024-09-18 00:00:00
slackware
slackware
[slackware-security] expat
2024-09-04 23:40:07
[slackware-security] python3
2024-09-09 01:06:11
fedora
fedora
[SECURITY] Fedora 41 Update: mingw-expat-2.6.3-1.fc41
2024-09-13 21:02:44
[SECURITY] Fedora 40 Update: expat-2.6.3-1.fc40
2024-09-10 02:10:36
[SECURITY] Fedora 39 Update: mingw-expat-2.6.3-1.fc39
2024-09-14 01:26:36
oraclelinux
oraclelinux
expat security update
2024-09-18 00:00:00
redhat
redhat
(RHSA-2024:6754) Moderate: expat security update
2024-09-18 11:08:23
mageia
mageia
Updated expat packages fix security vulnerabilities
2024-09-11 23:42:44
photon
photon
Critical Photon OS Security Update - PHSA-2024-3.0-0796
2024-09-17 00:00:00
Critical Photon OS Security Update - PHSA-2024-4.0-0682
2024-09-04 00:00:00
Critical Photon OS Security Update - PHSA-2024-5.0-0364
2024-09-05 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
7.6
Confidence
High
EPSS
0.001
Percentile
39.7%
Related for DEBIANCVE:CVE-2024-45491