Lucene search
GoogleOSV:CVE-2024-28757HistoryMar 10, 2024 - 5:15 a.m.
CVE-2024-28757
2024-03-1005:15:06
Google
osv.dev
20
libexpat
xml
entity expansion
attack
external parsers
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
References
www.openwall.com/lists/oss-security/2024/03/15/1
github.com/libexpat/libexpat/issues/839
github.com/libexpat/libexpat/pull/842
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/
security.netapp.com/advisory/ntap-20240322-0001/
Related
nessus
nessus
Slackware Linux 15.0 / current expat Vulnerability (SSA:2024-073-01)
2024-03-13 00:00:00
F5 Networks BIG-IP : Expat vulnerability (K000139637)
2024-05-16 00:00:00
Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2024-576)
2024-04-03 00:00:00
slackware
slackware
[slackware-security] expat
2024-03-13 19:51:59
openvas
openvas
Fedora: Security Advisory for mingw-expat (FEDORA-2024-afb73e6f62)
2024-03-25 00:00:00
Fedora: Security Advisory for mingw-expat (FEDORA-2024-40b98c9ced)
2024-03-25 00:00:00
Fedora: Security Advisory for mingw-expat (FEDORA-2024-4e6e660fae)
2024-03-25 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-28757
2024-05-03 09:21:27
Exploit for CVE-2024-28757
2024-05-03 04:58:24
Exploit for CVE-2024-28757
2024-05-03 09:24:51
redhatcve
redhatcve
CVE-2024-28757
2024-03-10 10:10:35
debiancve
debiancve
CVE-2024-28757
2024-03-10 05:15:06
cve
cve
CVE-2024-28757
2024-03-10 05:15:06
fedora
fedora
[SECURITY] Fedora 40 Update: mingw-expat-2.6.1-1.fc40
2024-03-23 00:50:46
[SECURITY] Fedora 39 Update: mingw-expat-2.6.1-1.fc39
2024-03-19 01:10:52
[SECURITY] Fedora 38 Update: mingw-expat-2.6.1-1.fc38
2024-03-19 02:00:28
ubuntucve
ubuntucve
CVE-2024-28757
2024-03-10 00:00:00
f5
f5
K000139637: Expat vulnerability CVE-2024-28757
2024-05-16 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-28757 affecting package expat for versions less than 2.6.2-2
2024-04-09 20:48:36
cvelist
cvelist
CVE-2024-28757
2024-03-10 00:00:00
alpinelinux
alpinelinux
CVE-2024-28757
2024-03-10 05:15:06
veracode
veracode
XML Entity Expansion
2024-03-11 07:18:06
redos
redos
ROS-20240506-01
2024-05-06 00:00:00
cloudfoundry
cloudfoundry
USN-6694-1: Expat vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
redhat
redhat
(RHSA-2024:1530) Moderate: expat security update
2024-03-26 16:30:26
(RHSA-2024:2633) Important: updated rhceph-6.1 container image
2024-05-01 01:13:16
mageia
mageia
Updated expat packages fix security vulnerabilities
2024-03-18 19:12:23
oraclelinux
oraclelinux
expat security update
2024-03-26 00:00:00
almalinux
almalinux
Moderate: expat security update
2024-03-26 00:00:00
osv
osv
Moderate: expat security update
2024-03-26 00:00:00
expat vulnerabilities
2024-03-14 10:19:40
ubuntu
ubuntu
Expat vulnerabilities
2024-03-14 00:00:00
ibm
ibm