CVE-2024-50614

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: TinyXML2 versions prior to 10.0.1

Description: The issue is related to a reachable assertion for UINT MAX/16 in tinyxml2.cpp, specifically in the XMLUtil::GetCharacterRef() function. This may lead to an application exit.

Recommendations: For versions prior to 10.0.1, update to version 10.0.1 or later to resolve the issue.

Exploit

Fix

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

ALT-PU-2025-12799

AZL-51874

AZL-51887

AZL-51900

CVE-2024-50614

OESA-2026-1247

OESA-2026-1282

OESA-2026-1283

OESA-2026-1284

OESA-2026-1349

OESA-2026-1350

Affected Products

Alt Linux

Debian

Tinyxml2

CVE-2024-50614

Weakness Enumeration

Related Identifiers

Affected Products

References · 26