CVE-2024-45492 Information

Description

An issue was discovered in libexpat before 2.6.3. nextScaffoldPart in xmlparse.c can have an integer overflow for m_groupSize on 32-bit platforms (where UINT_MAX equals SIZE_MAX).

Reference

https://github.com/libexpat/libexpat/pull/892 https://github.com/libexpat/libexpat/issues/889