An XML Entity Expansion flaw was found in libexpat. This flaw allows an attacker to cause a denial of service when there is an isolated use of external parsers.

References

bugzilla.redhat.com/show_bug.cgi?id=2268766

github.com/libexpat/libexpat/issues/839

nvd.nist.gov/vuln/detail/CVE-2024-28757

www.cve.org/CVERecord?id=CVE-2024-28757

f5 1

cvelist 1

cbl_mariner 1

fedora 3

openvas 8

ubuntucve 1

nessus 10

alpinelinux 1

veracode 1

redos 1

githubexploit 3

slackware 1

osv 3

debiancve 1

cve 1

mageia 1

oraclelinux 1

almalinux 1

ubuntu 1

cloudfoundry 1

redhat 3

ibm 5

K000139637: Expat vulnerability CVE-2024-28757

2024-05-16 00:00:00

cvelist

CVE-2024-28757

2024-03-10 00:00:00

cbl_mariner

CVE-2024-28757 affecting package expat for versions less than 2.6.2-2

2024-04-09 20:48:36

fedora

[SECURITY] Fedora 39 Update: mingw-expat-2.6.1-1.fc39

2024-03-19 01:10:52

[SECURITY] Fedora 38 Update: mingw-expat-2.6.1-1.fc38

2024-03-19 02:00:28

[SECURITY] Fedora 40 Update: mingw-expat-2.6.1-1.fc40

2024-03-23 00:50:46

openvas

Fedora: Security Advisory for mingw-expat (FEDORA-2024-4e6e660fae)

2024-03-25 00:00:00

Slackware: Security Advisory (SSA:2024-073-01)

2024-03-14 00:00:00

Fedora: Security Advisory for mingw-expat (FEDORA-2024-afb73e6f62)

2024-03-25 00:00:00

ubuntucve

CVE-2024-28757

2024-03-10 00:00:00

nessus

Fedora 38 : mingw-expat (2024-40b98c9ced)

2024-03-18 00:00:00

Fedora 40 : mingw-expat (2024-afb73e6f62)

2024-04-29 00:00:00

Fedora 39 : mingw-expat (2024-4e6e660fae)

2024-03-18 00:00:00

alpinelinux

CVE-2024-28757

2024-03-10 05:15:06

veracode

XML Entity Expansion

2024-03-11 07:18:06

redos

ROS-20240506-01

2024-05-06 00:00:00

githubexploit

Exploit for CVE-2024-28757

2024-05-03 09:21:27

Exploit for CVE-2024-28757

2024-05-03 04:58:24

Exploit for CVE-2024-28757

2024-05-03 09:24:51

slackware

[slackware-security] expat

2024-03-13 19:51:59

osv

CVE-2024-28757

2024-03-10 05:15:06

Moderate: expat security update

2024-03-26 00:00:00

expat vulnerabilities

2024-03-14 10:19:40

debiancve

CVE-2024-28757

2024-03-10 05:15:06

cve

CVE-2024-28757

2024-03-10 05:15:06

mageia

Updated expat packages fix security vulnerabilities

2024-03-18 19:12:23

oraclelinux

expat security update

2024-03-26 00:00:00

almalinux

Moderate: expat security update

2024-03-26 00:00:00

ubuntu

Expat vulnerabilities

2024-03-14 00:00:00

cloudfoundry

USN-6694-1: Expat vulnerabilities | Cloud Foundry

2024-04-04 00:00:00

redhat

(RHSA-2024:1530) Moderate: expat security update

2024-03-26 16:30:26

(RHSA-2024:2633) Important: updated rhceph-6.1 container image

2024-05-01 01:13:16

(RHSA-2024:1859) Moderate: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update

2024-04-16 17:23:39

ibm

Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities

2024-05-08 09:39:44

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

2024-04-23 14:11:37

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

2024-05-07 17:05:31

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON

Related for RH:CVE-2024-28757