CVE-2024-50602

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-50602

Severity

5.9

Medium

CVSS V3

Description

An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.

References

https://images.chainguard.dev/security/CGA-94fw-p8h4-q5pq
https://github.com/advisories/GHSA-79wf-qgrg-2p6c
https://images.chainguard.dev/security/CGA-v7vq-q3hm-p8cq
https://images.chainguard.dev/security/CGA-fmp3-gvm6-qhc8
https://images.chainguard.dev/security/CGA-gf9w-x54c-mr2x
https://images.chainguard.dev/security/CGA-qxcw-x58v-vxgp
https://images.chainguard.dev/security/CGA-hp44-8h8q-gmwc
https://images.chainguard.dev/security/CGA-q5p8-px89-q8q8
https://security.netapp.com/advisory/ntap-20250404-0008/
https://github.com/libexpat/libexpat/pull/915
https://lists.debian.org/debian-lts-announce/2025/04/msg00040.html

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Private Policy

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal