High severity7.5NVD Advisory· Published Aug 30, 2024· Updated May 12, 2026
CVE-2024-45490
CVE-2024-45490
Description
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.
Affected products
1- libexpat/libexpatdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- github.com/libexpat/libexpat/pull/890nvdPatch
- github.com/libexpat/libexpat/issues/887nvdIssue Tracking
- seclists.org/fulldisclosure/2024/Dec/10nvd
- seclists.org/fulldisclosure/2024/Dec/12nvd
- seclists.org/fulldisclosure/2024/Dec/6nvd
- seclists.org/fulldisclosure/2024/Dec/7nvd
- seclists.org/fulldisclosure/2024/Dec/8nvd
- cert-portal.siemens.com/productcert/html/ssa-082556.htmlnvd
- cert-portal.siemens.com/productcert/html/ssa-613116.htmlnvd
- lists.debian.org/debian-lts-announce/2024/09/msg00036.htmlnvd
- security.netapp.com/advisory/ntap-20241018-0004/nvd
News mentions
0No linked articles in our index yet.