Lucene search

K
cveMitreCVE-2024-28757
HistoryMar 10, 2024 - 5:15 a.m.

CVE-2024-28757

2024-03-1005:15:06
mitre
web.nvd.nist.gov
4989
libexpat
xml
entity expansion
attack
cve-2024-28757

AI Score

7.4

Confidence

High

EPSS

0

Percentile

10.3%

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).