Updated: 2024-11-30 03:45:09.071825
Description:
An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | CRITICAL | 9.8 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | expat | 2.5.0 | 9.8 | CRITICAL | Released | CLSA-2024:1725650114 | 2024-09-06 17:23:15 | |
| CentOS 6 ELS | expat | 2.0.1 | 9.8 | CRITICAL | Released | CLSA-2024:1725993966 | 2024-09-20 03:40:00 | |
| CentOS 7 ELS | expat | 2.1.0 | 9.8 | CRITICAL | Released | CLSA-2024:1726608591 | 2024-09-26 12:39:35 | |
| CentOS 8.4 ELS | expat | 2.2.5 | 9.8 | CRITICAL | Released | CLSA-2024:1726163032 | 2024-09-12 14:22:50 | |
| CentOS 8.5 ELS | expat | 2.2.5 | 9.8 | CRITICAL | Released | CLSA-2024:1726163048 | 2024-09-12 14:22:49 | |
| CentOS Stream 8 ELS | expat | 2.2.5 | 9.8 | CRITICAL | Released | CLSA-2024:1726163202 | 2024-09-12 14:22:47 | |
| CloudLinux 6 ELS | expat | 2.0.1 | 9.8 | CRITICAL | Released | CLSA-2024:1725993990 | 2024-09-23 12:23:44 | |
| CloudLinux 7 ELS | expat | 2.1.0 | 9.8 | CRITICAL | Released | CLSA-2024:1726608613 | 2024-09-26 12:39:35 | |
| Oracle Linux 6 ELS | expat | 2.0.1 | 9.8 | CRITICAL | Released | CLSA-2024:1725993841 | 2024-09-10 17:22:32 | |
| Oracle Linux 7 ELS | expat | 2.1.0 | 9.8 | CRITICAL | Released | CLSA-2024:1733422548 | 2024-12-05 13:20:39 |