CVE-2024-50602

EPSS 0.13%
Veröffentlicht 27.10.2024 05:15:04
Zuletzt bearbeitet 15.10.2025 17:54:22
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Netapp ≫ Active Iq Unified Manager Version- SwPlatformvmware_vsphere

Netapp ≫ Windows Host Utilities Version-

Debian ≫ Debian Linux Version11.0

Netapp ≫ Hci Compute Node Version-

Netapp ≫ H300s Firmware Version-

Netapp ≫ H300s Version-

Netapp ≫ H500s Firmware Version-

Netapp ≫ H500s Version-

Netapp ≫ H700s Firmware Version-

Netapp ≫ H700s Version-

Netapp ≫ H410s Firmware Version-

Netapp ≫ H410s Version-

Netapp ≫ H410c Firmware Version-

Netapp ≫ H410c Version-

Libexpat Project ≫ Libexpat Version < 2.6.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.13%	0.332

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.9	2.2	3.6	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://github.com/libexpat/libexpat/pull/915

Issue Tracking

https://security.netapp.com/advisory/ntap-20250404-0008/

Third Party Advisory

https://lists.debian.org/debian-lts-announce/2025/04/msg00040.html

Third Party Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2024-50602

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-50602

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-50602

EUVD