CVE-2024-45491

Published: 8/30/2024 Last updated: 5/12/2026 Reserved: 8/30/2024

An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	7.3	High	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Opam packages affected (4)

conf-expat conf-gtk2 conf-gtk3 ocaml-expat

Products affected (2)

Product	Vendor	Version
n/a	n/a	Adobe Acrobat Reader 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier.
n/a	n/a	2019 (Core installation)

References (12)

https://github.com/libexpat/libexpat/pull/891
https://github.com/libexpat/libexpat/issues/888
https://security.netapp.com/advisory/ntap-20241018-0003/
https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://cert-portal.siemens.com/productcert/html/ssa-613116.html
https://github.com/libexpat/libexpat/pull/891
https://github.com/libexpat/libexpat/issues/888
https://security.netapp.com/advisory/ntap-20241018-0003/
https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://cert-portal.siemens.com/productcert/html/ssa-613116.html