
We found results for “”
CVE-2024-45492
Good to know:

Date: August 29, 2024
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
Language: C
Severity Score
Severity Score
Weakness Type (CWE)
Integer Overflow or Wraparound
CWE-190Top Fix

Upgrade Version
Upgrade to version cmake - 3.20.1;cmake - 3.23.1;cmake - no_fix;cmake - 3.17.3;cmake - 3.22.0;hxcfe-sys - no_fix;hxcadaptor-sys - 0.1.2;python3 - 3.8.2;expat - no_fix;openfx-sys - no_fix;cmake-native - 3.18.2;cmake-native - 3.23.2;cmake-native - 3.22.0;expat-sys - no_fix;xmp_toolkit - no_fix;xmp_toolkit - 0.3.6;org.webjars.npm:node-expat:2.3.18
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | LOW |