Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-28757HistoryMar 10, 2024 - 5:15 a.m.
CVE-2024-28757
2024-03-1005:15:06
Debian Security Bug Tracker
security-tracker.debian.org
14
libexpat
xml entity expansion
attack
external parsers
unix
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | expat | <= 2.5.0-1 | expat_2.5.0-1_all.deb |
| Debian | 11 | all | expat | <= 2.2.10-2+deb11u5 | expat_2.2.10-2+deb11u5_all.deb |
| Debian | 10 | all | expat | <= 2.2.6-2+deb10u4 | expat_2.2.6-2+deb10u4_all.deb |
| Debian | 999 | all | expat | < 2.6.1-2 | expat_2.6.1-2_all.deb |
| Debian | 13 | all | expat | < 2.6.1-2 | expat_2.6.1-2_all.deb |
Related
f5
f5
K000139637: Expat vulnerability CVE-2024-28757
2024-05-16 00:00:00
cvelist
cvelist
CVE-2024-28757
2024-03-10 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-28757 affecting package expat for versions less than 2.6.2-2
2024-04-09 20:48:36
fedora
fedora
[SECURITY] Fedora 39 Update: mingw-expat-2.6.1-1.fc39
2024-03-19 01:10:52
[SECURITY] Fedora 38 Update: mingw-expat-2.6.1-1.fc38
2024-03-19 02:00:28
[SECURITY] Fedora 40 Update: mingw-expat-2.6.1-1.fc40
2024-03-23 00:50:46
nessus
nessus
F5 Networks BIG-IP : Expat vulnerability (K000139637)
2024-05-16 00:00:00
Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2024-576)
2024-04-03 00:00:00
Fedora 38 : mingw-expat (2024-40b98c9ced)
2024-03-18 00:00:00
osv
osv
CVE-2024-28757
2024-03-10 05:15:06
Moderate: expat security update
2024-03-26 00:00:00
expat vulnerabilities
2024-03-14 10:19:40
redhatcve
redhatcve
CVE-2024-28757
2024-03-10 10:10:35
openvas
openvas
Fedora: Security Advisory for mingw-expat (FEDORA-2024-40b98c9ced)
2024-03-25 00:00:00
Slackware: Security Advisory (SSA:2024-073-01)
2024-03-14 00:00:00
Fedora: Security Advisory for mingw-expat (FEDORA-2024-4e6e660fae)
2024-03-25 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-28757
2024-05-03 09:24:51
Exploit for CVE-2024-28757
2024-05-03 09:21:27
Exploit for CVE-2024-28757
2024-05-03 04:58:24
cve
cve
CVE-2024-28757
2024-03-10 05:15:06
veracode
veracode
XML Entity Expansion
2024-03-11 07:18:06
redos
redos
ROS-20240506-01
2024-05-06 00:00:00
alpinelinux
alpinelinux
CVE-2024-28757
2024-03-10 05:15:06
ubuntucve
ubuntucve
CVE-2024-28757
2024-03-10 00:00:00
slackware
slackware
[slackware-security] expat
2024-03-13 19:51:59
redhat
redhat
(RHSA-2024:1530) Moderate: expat security update
2024-03-26 16:30:26
(RHSA-2024:2633) Important: updated rhceph-6.1 container image
2024-05-01 01:13:16
ubuntu
ubuntu
Expat vulnerabilities
2024-03-14 00:00:00
mageia
mageia
Updated expat packages fix security vulnerabilities
2024-03-18 19:12:23
oraclelinux
oraclelinux
expat security update
2024-03-26 00:00:00
almalinux
almalinux
Moderate: expat security update
2024-03-26 00:00:00
cloudfoundry
cloudfoundry
USN-6694-1: Expat vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
ibm
ibm
6.8 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.1%
Related for DEBIANCVE:CVE-2024-28757