[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-45490":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":34,"aliases":35,"duplicate_of":9,"upstream":36,"downstream":37,"duplicates":94,"related":95,"reserved_at":9,"published_at":113,"modified_at":114,"state":115,"summary":116,"references_raw":125,"kevs":173,"epss":174,"epss_history":177,"metrics":456,"affected":467},"CVE-2024-45490","An issue was discovered in libexpat before 2.6.3. xmlparse.c does not reject a negative length for XML_ParseBuffer.",null,[11,23],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-611","Improper Restriction of XML External Entity Reference","The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.","weakness","Draft","Base",[19],{"id":20,"name":21,"techniques":22},"CAPEC-221","Data Serialization External Entities Blowup",[],{"_key":24,"id":24,"name":25,"description":26,"type":15,"status":27,"abstraction":17,"likelihood_of_exploit":28,"capec":29},"CWE-190","Integer Overflow or Wraparound","The product performs a calculation that can\n         produce an integer overflow or wraparound when the logic\n         assumes that the resulting value will always be larger than\n         the original value. This occurs when an integer value is\n         incremented to a value that is too large to store in the\n         associated representation. When this occurs, the value may\n         become a very small or negative number.","Stable","Medium",[30],{"id":31,"name":32,"techniques":33},"CAPEC-92","Forced Integer Overflow",[],[],[],[],[38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":39},"ALPINE-CVE-2024-45490",{"_key":41},"OPENSUSE-SU-2024:14381-1",{"_key":43},"SUSE-SU-2024:3182-1",{"_key":45},"SUSE-SU-2024:3515-1",{"_key":47},"SUSE-SU-2024:3216-1",{"_key":49},"SUSE-SU-2024:3538-1",{"_key":51},"SUSE-SU-2024:3554-1",{"_key":53},"SUSE-SU-2026:0044-1",{"_key":55},"OPENSUSE-SU-2024:14322-1",{"_key":57},"OPENSUSE-SU-2024:14328-1",{"_key":59},"OPENSUSE-SU-2024:14379-1",{"_key":61},"OPENSUSE-SU-2024:14380-1",{"_key":63},"DLA-3893-1",{"_key":65},"DSA-5770-1",{"_key":67},"SUSE-SU-2025:20045-1",{"_key":69},"SUSE-SU-2025:20207-1",{"_key":71},"SUSE-SU-2025:20311-1",{"_key":73},"SUSE-SU-2025:4512-1",{"_key":75},"MGASA-2024-0294",{"_key":77},"MGASA-2024-0338",{"_key":79},"USN-7000-2",{"_key":81},"USN-7001-2",{"_key":83},"DEBIAN-CVE-2024-45490",{"_key":85},"USN-7000-1",{"_key":87},"USN-7001-1",{"_key":89},"UBUNTU-CVE-2024-45490",{"_key":91},"RHSA-2024:6754",{"_key":93},"RHSA-2024:6989",[],[96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112],{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},"2024-08-30T00:00:00.000Z","2026-05-12T11:57:31.663Z","Modified",{"cisa_kev":117,"cisa_ransomware":117,"cisa_vendor":9,"epss_severity":118,"epss_score":119,"severity":120,"severity_score":121,"severity_version":122,"severity_source":123,"severity_vector":124,"severity_status":115},false,"low",0.00613,"critical",9.8,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[126,132,137,141,145,149,153,157,161,165,169],{"url":127,"sources":128,"tags":130},"https://github.com/libexpat/libexpat/pull/890",[123,129],"nvd",[131],"Patch",{"url":133,"sources":134,"tags":135},"https://github.com/libexpat/libexpat/issues/887",[123,129],[136],"Issue Tracking",{"url":138,"sources":139,"tags":140},"https://security.netapp.com/advisory/ntap-20241018-0004/",[123,129],[],{"url":142,"sources":143,"tags":144},"http://seclists.org/fulldisclosure/2024/Dec/12",[123,129],[],{"url":146,"sources":147,"tags":148},"http://seclists.org/fulldisclosure/2024/Dec/10",[123,129],[],{"url":150,"sources":151,"tags":152},"http://seclists.org/fulldisclosure/2024/Dec/8",[123,129],[],{"url":154,"sources":155,"tags":156},"http://seclists.org/fulldisclosure/2024/Dec/7",[123,129],[],{"url":158,"sources":159,"tags":160},"http://seclists.org/fulldisclosure/2024/Dec/6",[123,129],[],{"url":162,"sources":163,"tags":164},"https://lists.debian.org/debian-lts-announce/2024/09/msg00036.html",[123,129],[],{"url":166,"sources":167,"tags":168},"https://cert-portal.siemens.com/productcert/html/ssa-082556.html",[123,129],[],{"url":170,"sources":171,"tags":172},"https://cert-portal.siemens.com/productcert/html/ssa-613116.html",[123,129],[],[],{"date":175,"score":119,"percentile":176},"2026-06-04",0.70221,[178,182,186,189,192,195,198,201,204,207,210,213,216,219,222,226,229,232,236,239,242,245,248,252,255,258,261,264,267,270,273,276,279,282,285,288,291,294,297,300,303,305,308,311,314,317,320,323,326,329,331,335,339,342,346,349,352,355,358,362,365,368,371,374,377,380,383,386,389,392,395,398,401,404,407,410,413,417,420,423,426,429,432,435,438,440,443,447,450,453],{"date":179,"score":180,"percentile":181},"2025-11-04",0.00178,0.39656,{"date":183,"score":184,"percentile":185},"2025-11-05",0.00226,0.4534,{"date":187,"score":184,"percentile":188},"2025-11-06",0.45354,{"date":190,"score":184,"percentile":191},"2025-11-07",0.45379,{"date":193,"score":184,"percentile":194},"2025-11-08",0.45377,{"date":196,"score":184,"percentile":197},"2025-11-09",0.45356,{"date":199,"score":184,"percentile":200},"2025-11-10",0.4532,{"date":202,"score":184,"percentile":203},"2025-11-11",0.45336,{"date":205,"score":184,"percentile":206},"2025-11-12",0.45367,{"date":208,"score":184,"percentile":209},"2025-11-13",0.45375,{"date":211,"score":184,"percentile":212},"2025-11-14",0.45392,{"date":214,"score":184,"percentile":215},"2025-11-15",0.45389,{"date":217,"score":184,"percentile":218},"2025-11-16",0.45372,{"date":220,"score":184,"percentile":221},"2025-11-17",0.45346,{"date":223,"score":224,"percentile":225},"2025-11-18",0.0123,0.77387,{"date":227,"score":224,"percentile":228},"2025-11-19",0.77394,{"date":230,"score":224,"percentile":231},"2025-11-20",0.77404,{"date":233,"score":234,"percentile":235},"2025-11-21",0.00233,0.46012,{"date":237,"score":234,"percentile":238},"2025-11-22",0.46011,{"date":240,"score":234,"percentile":241},"2025-11-23",0.45985,{"date":243,"score":234,"percentile":244},"2025-11-24",0.45974,{"date":246,"score":234,"percentile":247},"2025-11-25",0.45982,{"date":249,"score":250,"percentile":251},"2025-11-26",0.002,0.42228,{"date":253,"score":250,"percentile":254},"2025-11-27",0.42233,{"date":256,"score":250,"percentile":257},"2025-11-28",0.42206,{"date":259,"score":250,"percentile":260},"2025-11-29",0.42182,{"date":262,"score":250,"percentile":263},"2025-11-30",0.42162,{"date":265,"score":250,"percentile":266},"2025-12-01",0.42285,{"date":268,"score":250,"percentile":269},"2025-12-02",0.42296,{"date":271,"score":250,"percentile":272},"2025-12-03",0.42298,{"date":274,"score":234,"percentile":275},"2025-12-04",0.45917,{"date":277,"score":234,"percentile":278},"2025-12-05",0.4594,{"date":280,"score":234,"percentile":281},"2025-12-06",0.45937,{"date":283,"score":234,"percentile":284},"2025-12-07",0.4592,{"date":286,"score":234,"percentile":287},"2025-12-08",0.45925,{"date":289,"score":234,"percentile":290},"2025-12-09",0.45956,{"date":292,"score":234,"percentile":293},"2025-12-10",0.4602,{"date":295,"score":234,"percentile":296},"2025-12-11",0.46043,{"date":298,"score":234,"percentile":299},"2025-12-12",0.46074,{"date":301,"score":234,"percentile":302},"2025-12-13",0.46057,{"date":304,"score":234,"percentile":296},"2025-12-14",{"date":306,"score":234,"percentile":307},"2025-12-15",0.46025,{"date":309,"score":234,"percentile":310},"2025-12-16",0.46039,{"date":312,"score":184,"percentile":313},"2025-12-17",0.45407,{"date":315,"score":184,"percentile":316},"2025-12-18",0.45453,{"date":318,"score":184,"percentile":319},"2025-12-19",0.45465,{"date":321,"score":184,"percentile":322},"2025-12-20",0.45438,{"date":324,"score":184,"percentile":325},"2025-12-21",0.45406,{"date":327,"score":184,"percentile":328},"2025-12-22",0.45384,{"date":330,"score":184,"percentile":328},"2025-12-23",{"date":332,"score":333,"percentile":334},"2025-12-24",0.00298,0.52789,{"date":336,"score":337,"percentile":338},"2025-12-25",0.00275,0.50719,{"date":340,"score":337,"percentile":341},"2025-12-26",0.5071,{"date":343,"score":344,"percentile":345},"2025-12-27",0.00256,0.48879,{"date":347,"score":344,"percentile":348},"2025-12-28",0.48796,{"date":350,"score":344,"percentile":351},"2025-12-29",0.48777,{"date":353,"score":344,"percentile":354},"2025-12-30",0.48772,{"date":356,"score":344,"percentile":357},"2025-12-31",0.4881,{"date":359,"score":360,"percentile":361},"2026-01-01",0.00306,0.53619,{"date":363,"score":360,"percentile":364},"2026-01-02",0.53597,{"date":366,"score":360,"percentile":367},"2026-01-03",0.5359,{"date":369,"score":360,"percentile":370},"2026-01-04",0.53424,{"date":372,"score":360,"percentile":373},"2026-01-05",0.5341,{"date":375,"score":360,"percentile":376},"2026-01-06",0.53415,{"date":378,"score":360,"percentile":379},"2026-01-07",0.53439,{"date":381,"score":360,"percentile":382},"2026-01-08",0.5346,{"date":384,"score":360,"percentile":385},"2026-01-09",0.53452,{"date":387,"score":360,"percentile":388},"2026-01-10",0.53451,{"date":390,"score":360,"percentile":391},"2026-01-11",0.5343,{"date":393,"score":360,"percentile":394},"2026-01-12",0.53382,{"date":396,"score":360,"percentile":397},"2026-01-13",0.5336,{"date":399,"score":333,"percentile":400},"2026-01-14",0.5275,{"date":402,"score":333,"percentile":403},"2026-01-15",0.52753,{"date":405,"score":333,"percentile":406},"2026-01-16",0.52773,{"date":408,"score":333,"percentile":409},"2026-01-17",0.52757,{"date":411,"score":360,"percentile":412},"2026-01-18",0.53404,{"date":414,"score":415,"percentile":416},"2026-01-19",0.00541,0.67028,{"date":418,"score":415,"percentile":419},"2026-01-20",0.67042,{"date":421,"score":415,"percentile":422},"2026-01-21",0.67055,{"date":424,"score":415,"percentile":425},"2026-01-22",0.67065,{"date":427,"score":415,"percentile":428},"2026-01-23",0.67096,{"date":430,"score":415,"percentile":431},"2026-01-24",0.67107,{"date":433,"score":415,"percentile":434},"2026-01-25",0.67073,{"date":436,"score":415,"percentile":437},"2026-01-26",0.67063,{"date":439,"score":415,"percentile":434},"2026-01-27",{"date":441,"score":415,"percentile":442},"2026-01-28",0.67084,{"date":444,"score":445,"percentile":446},"2026-01-29",0.00526,0.66457,{"date":448,"score":445,"percentile":449},"2026-01-30",0.66468,{"date":451,"score":445,"percentile":452},"2026-01-31",0.6647,{"date":454,"score":445,"percentile":455},"2026-02-01",0.66615,[457,461],{"source":123,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":458,"cvss_v4_0":9},{"baseScore":121,"baseSeverity":459,"vectorString":124,"impactScore":121,"exploitabilityScore":460},"CRITICAL",10,{"source":129,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":462,"cvss_v4_0":9},{"baseScore":463,"baseSeverity":464,"vectorString":465,"impactScore":466,"exploitabilityScore":460},7.5,"HIGH","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",6,[468],{"ecosystem":9,"name":469,"vendor":470,"product":469,"cpe_part":471,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":472},"libexpat","libexpat_project","a",[473],{"version":474,"is_range":475,"range_type":476,"version_start":9,"version_start_type":9,"version_end":477,"version_end_type":478,"fixed_in":9},"lt2.6.3",true,"cpe","2.6.3","excluding"]