MGASA-2024-0362

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0362.html

Import Source

https://advisories.mageia.org/MGASA-2024-0362.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2024-0362

Related

CVE-2024-50602

Published

2024-11-12T19:53:59Z

Modified

2024-11-11T19:41:03Z

Summary

Updated expat packages fix security vulnerability

Details

An issue was discovered in libexpat before 2.6.4. There is a crash within the XMLResumeParser function because XMLStopParser can stop/suspend an unstarted parser. (CVE-2024-50602)

References

https://advisories.mageia.org/MGASA-2024-0362.html
https://bugs.mageia.org/show_bug.cgi?id=33739
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2024&m=slackware-security.358428

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / expat

Package

Name: expat
Purl: pkg:rpm/mageia/expat?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.4-1.mga9

Ecosystem specific

{
    "section": "core"
}