Fluid Attacks Database

Description

Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎Modules/ThirdParty/Expat/src/expat modules).This issue affects ITK: before 2.7.1.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
debian 11	insighttoolkit4	=4.13.3withdata-dfsg1-4 \|\| =4.13.3withdata-dfsg1-4.1 \|\| =4.13.3withdata-dfsg2-1 \|\| =4.13.3withdata-dfsg2-2 \|\| =4.13.3withdata-dfsg2-3 \|\| =4.13.3withdata-dfsg2-4
debian 13	insighttoolkit5	=5.4.3-5 \|\| =5.4.4-1 \|\| =5.4.5-1 \|\| =5.4.5-2
debian 12	insighttoolkit4	=4.13.3withdata-dfsg2-4 \|\| =4.13.3withdata-dfsg2-4+deb12u1
debian 12	insighttoolkit5	=5.2.1-5 \|\| =5.2.1-5+deb12u1 \|\| =5.3.0-1 \|\| =5.3.0-2 \|\| =5.3.0-3 \|\| =5.3.0-4 \|\| =5.3.0-5 \|\| =5.3.0-6 \|\| =5.3.0-7 \|\| =5.3.0-9~0exp0 \|\| =5.4.0-1 \|\| =5.4.0-2 \|\| =5.4.3-1 \|\| =5.4.3-2 \|\| =5.4.3-3 \|\| =5.4.3-4 \|\| =5.4.3-5 \|\| =5.4.4-1 \|\| =5.4.5-1 \|\| =5.4.5-2
debian 14	insighttoolkit5	=5.4.3-5 \|\| =5.4.4-1 \|\| =5.4.5-1 \|\| =5.4.5-2

Aliases

1. CVE-2026-47392. NVD-2026-47393. OSV-DEBIAN-2026-47394. OSV-2026-47395. SECURITY-TRACKER-CVE-2026-4739

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.