CVE-2024-45491
CVE Details
Visit the official vulnerability details page for CVE-2024-45491 to learn more.
Initial Publication
10/25/2024
Last Update
12/16/2024
Third Party Dependency
libexpat
NIST CVE Summary
An issue was discovered in libexpat before 2.6.3. dtdCopy in xmlparse.c can have an integer overflow for nDefaultAtts on 32-bit platforms (where UINT_MAX equals SIZE_MAX).
CVE Severity
Our Official Summary
This CVE identifies an integer overflow vulnerability found in libexpat versions prior to 2.6.3, specifically in the dtdCopy function of xmlparse.c on 32-bit platforms. This vulnerability can be exploited over a network without user interaction and has very low attack complexity. Not all of the images affected use the specific functions affected.
Exploiting this vulnerability in Palette deployments will require an external user to compromise the network controls and gain privileged access. There are controls in place which makes the exploitation difficult. Fix is available in libexpat versions > 2.6.3. Once the fixed version of the library is adoped by 3rd party images, we will incorporate those in our products.
Status
Ongoing
Affected Products & Versions
| Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
|---|---|---|---|---|
| 4.5.15 | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
| 4.5.10 | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
| 4.5.8 | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
| 4.5.5 | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
| 4.5.4 | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
| 4.4.20 | ✅ No Impact | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
Revision History
| Date | Revision |
|---|---|
| 12/16/2024 | Impacted versions changed from 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10 to 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10, 4.5.15 |
| 12/11/2024 | Official summary revised: This CVE identifies an integer overflow vulnerability found in libexpat versions prior to 2.6.3, specifically in the dtdCopy function of xmlparse.c on 32-bit platforms. This vulnerability can be exploited over a network without user interaction and has very low attack complexity. Not all of the images affected use the specific functions affected. Exploiting this vulnerability in Palette deployments will require an external user to compromise the network controls and gain privileged access. There are controls in place which makes the exploitation difficult. Fix is available in libexpat versions > 2.6.3. Once the fixed version of the library is adoped by 3rd party images, we will incorporate those in our products. |
| 11/15/2024 | Impacted versions changed from 4.5.4, 4.5.5, 4.5.8, 4.4.20 to 4.5.4, 4.5.5, 4.5.8, 4.4.20, 4.5.10 |
| 11/13/2024 | Impacted versions changed from 4.5.4, 4.5.5, 4.5.8 to 4.5.4, 4.5.5, 4.5.8, 4.4.20 |
| 11/10/2024 | Impacted versions changed from 4.5.4, 4.5.5 to 4.5.4, 4.5.5, 4.5.8 |
| 10/27/2024 | Impacted versions changed from 4.5.4 to 4.5.4, 4.5.5 |