Lucene search

K
cvelistMitreCVELIST:CVE-2024-28757
HistoryMar 10, 2024 - 12:00 a.m.

CVE-2024-28757

2024-03-1000:00:00
mitre
www.cve.org
11
libexpat
xml
entity expansion
attack
external parsers
cve-2024-28757

AI Score

7.8

Confidence

High

EPSS

0

Percentile

10.3%

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).