Fabre

#1088813 tinyxml2: CVE-2024-50614 #1088813

Package:: src:tinyxml2

Source:: src:tinyxml2

Submitter:: Moritz Mühlenhoff

Date:: 2026-05-25 17:41:03 UTC

Severity:: normal

Tags:

#1088813#5

Date:: 2024-12-01 16:45:32 UTC

From:

To:

Hi,

The following vulnerability was published for tinyxml2.

CVE-2024-50614[0]:
| TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/16,
| that may lead to application exit, in tinyxml2.cpp
| XMLUtil::GetCharacterRef.

https://github.com/leethomason/tinyxml2/issues/996


If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2024-50614
https://www.cve.org/CVERecord?id=CVE-2024-50614

Please adjust the affected versions in the BTS as needed.

#1088813 tinyxml2: CVE-2024-50614 #1088813

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)