{"id":"BIT-python-min-2024-50602","details":"An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.","aliases":["BIT-libpython-2024-50602","BIT-python-2024-50602","CVE-2024-50602"],"modified":"2026-02-11T16:22:33.000638Z","published":"2025-01-16T07:19:53.188Z","database_specific":{"cpes":["cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"],"severity":"Medium"},"references":[{"type":"WEB","url":"https://github.com/libexpat/libexpat/pull/915"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50602"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20250404-0008/"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/04/msg00040.html"},{"type":"WEB","url":"https://docs.python.org/release/3.10.16/whatsnew/changelog.html"},{"type":"WEB","url":"https://docs.python.org/release/3.11.11/whatsnew/changelog.html#python-3-11-11"},{"type":"WEB","url":"https://docs.python.org/release/3.12.8/whatsnew/changelog.html#python-3-12-8"},{"type":"WEB","url":"https://docs.python.org/release/3.13.1/whatsnew/changelog.html#python-3-13-1"},{"type":"WEB","url":"https://docs.python.org/release/3.9.21/whatsnew/changelog.html"},{"type":"WEB","url":"https://github.com/python/cpython/issues/126623"}],"affected":[{"package":{"name":"python-min","ecosystem":"Bitnami","purl":"pkg:bitnami/python-min"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.9.21"},{"introduced":"3.10.0"},{"fixed":"3.10.16"},{"introduced":"3.11.0"},{"fixed":"3.11.11"},{"introduced":"3.12.0"},{"fixed":"3.12.8"},{"introduced":"3.13.0"},{"fixed":"3.13.1"}]}],"database_specific":{"source":"https://github.com/bitnami/vulndb/tree/main/data/python-min/BIT-python-min-2024-50602.json"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}],"schema_version":"1.7.3"}