Integer Overflow in libexpat Could Lead to Denial of Service
CVE-2024-45491
9.8 CRITICAL
What is CVE-2024-45491?
An integer overflow vulnerability exists in the libexpat XML parsing library in versions prior to 2.6.3. The issue is in the dtdCopy function in xmlparse.c, when handling the nDefaultAtts parameter on 32-bit platforms, where UINT_MAX equals SIZE_MAX. Exploitation may lead to unexpected behavior or denial of service; updating to the fixed version mitigates the risk.
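The class of bug described above is an allocation-size multiplication that wraps when the element count is an `unsigned int` and `size_t` is only 32 bits wide. The following is an added illustration written for this page; it is not libexpat's code, and `DefaultAttr`, `copy_default_atts`, `alloc_size_overflows` and `wrapped_alloc_size` are hypothetical names. It shows the defensive check (reject the count before multiplying) and, with an explicit `size_max` argument, how the same product wraps on a 32-bit `size_t` but not on a 64-bit one, so the effect can be seen on any host.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical per-element default attribute record (constructed for this
 * example; it is not libexpat's real structure). */
typedef struct {
    const char *name;
    const char *value;
} DefaultAttr;

/* Return 1 if count * elem_size does not fit in an unsigned integer whose
 * maximum is size_max (e.g. UINT32_MAX for a 32-bit size_t), else 0. */
int alloc_size_overflows(uint64_t count, uint64_t elem_size, uint64_t size_max)
{
    if (elem_size == 0)
        return 0;
    return count > size_max / elem_size;
}

/* Compute what count * elem_size becomes after wrapping to the width given
 * by size_max. Demonstrates how a huge count can yield a tiny allocation. */
uint64_t wrapped_alloc_size(uint64_t count, uint64_t elem_size, uint64_t size_max)
{
    return (count * elem_size) & size_max;
}

/* Checked copy of n attribute records. The guard rejects any n for which
 * n * sizeof(DefaultAttr) would wrap in size_t. On a 32-bit build, where
 * UINT_MAX == SIZE_MAX, an unsigned int n can trigger the guard; on a
 * 64-bit build it cannot, which is why the advisory is 32-bit specific. */
DefaultAttr *copy_default_atts(const DefaultAttr *src, unsigned int n)
{
    if (n > SIZE_MAX / sizeof(DefaultAttr))
        return NULL; /* refuse: allocation size would wrap */

    size_t bytes = (size_t)n * sizeof(DefaultAttr);
    DefaultAttr *dst = malloc(bytes);
    if (dst == NULL)
        return NULL;
    memcpy(dst, src, bytes);
    return dst;
}

int main(void)
{
    /* Constructed sample input. */
    DefaultAttr atts[2] = { { "id", "root" }, { "lang", "en" } };
    DefaultAttr *copy = copy_default_atts(atts, 2);
    if (copy == NULL)
        return 1;
    printf("copied %s=%s, %s=%s\n", copy[0].name, copy[0].value,
           copy[1].name, copy[1].value);
    free(copy);

    /* A count that is harmless with a 64-bit size_t but wraps on 32-bit:
     * 0x40000001 * 16 = 0x400000010, which truncates to 16 bytes. */
    uint64_t count = 0x40000001u, elem = 16;
    printf("32-bit: overflows=%d wrapped size=%llu\n",
           alloc_size_overflows(count, elem, UINT32_MAX),
           (unsigned long long)wrapped_alloc_size(count, elem, UINT32_MAX));
    printf("64-bit: overflows=%d\n",
           alloc_size_overflows(count, elem, UINT64_MAX));
    return 0;
}
```

The guard `n > SIZE_MAX / sizeof(T)` is the standard pre-multiplication check; it must be evaluated on the count before the product is formed, since checking the product afterwards is too late once it has already wrapped.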