rpm package
opensuse/x3270&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/x3270&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-45492 | Cri | 9.8 | < 4.3-4.1 | 4.3-4.1 | Aug 30, 2024 | An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | |
| CVE-2024-45491 | Cri | 9.8 | < 4.3-4.1 | 4.3-4.1 | Aug 30, 2024 | An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX). | |
| CVE-2024-45490 | Hig | 7.5 | < 4.3-4.1 | 4.3-4.1 | Aug 30, 2024 | An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer. |
- affected < 4.3-4.1fixed 4.3-4.1
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
- affected < 4.3-4.1fixed 4.3-4.1
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
- affected < 4.3-4.1fixed 4.3-4.1
An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.