Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2024-28757
HistoryMar 10, 2024 - 5:15 a.m.

CVE-2024-28757

2024-03-1005:15:06
Debian Security Bug Tracker
security-tracker.debian.org
22
libexpat
xml entity expansion
attack
external parsers
unix

AI Score

6.8

Confidence

Low

EPSS

0

Percentile

10.3%

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).