20 matches found
CVE-2024-40896 vulnerabilities
Vulnerabilities for packages: openjdk-26-openj9, openjdk-17-openj9, openjdk-25-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...
TencentOS Server 4: libxml2 (TSSA-2025:0159)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0159 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Fedora: Security Advisory (FEDORA-2024-867a14de12)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K000151254: libxml2 vulnerability CVE-2024-40896
Security Advisory Description In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible. CVE-2024-40896...
openSUSE Security Advisory (openSUSE-SU-2025:0024-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for qt6-webengine (important)
openSUSE Security Update: Security update for qt6-webengine Announcement ID: openSUSE-SU-2025:0024-1 Rating: important References: 1234820 Cross-References: CVE-2024-40896 CVSS scores: CVE-2024-40896 SUSE: 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N Affected Products:...
Fedora: Security Advisory (FEDORA-2024-9f3765a04b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 40 : libxml2 (2024-9f3765a04b)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-9f3765a04b advisory. Update to 2.12.9 Fixes CVE-2024-40896 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
libQt6Pdf6-6.8.1-2.1 on GA media (moderate)
libQt6Pdf6-6.8.1-2.1 on GA media Announcement ID: openSUSE-SU-2024:14611-1 Rating: moderate Cross-References: CVE-2024-40896 CVSS scores: CVE-2024-40896 SUSE : 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L CVE-2024-40896 SUSE : 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:...
CVE-2024-40896 affecting package libxml2 for versions less than 2.11.5-2
CVE-2024-40896 affecting package libxml2 for versions less than 2.11.5-2. A patched version of the package is available...
Fedora 41 : libxml2 (2024-867a14de12)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-867a14de12 advisory. Update to 2.12.9 Fixes CVE-2024-40896. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
BELL-CVE-2024-40896
Bulletin has no description...
SUSE CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...
CVE-2024-40896
creationtimestamp| type| source ---|---|--- 2024-12-23 17:09:41+00:00| seen| https://infosec.exchange/users/cve/statuses/113703241691047496 2024-12-23 19:10:15+00:00| seen| https://t.me/cvedetector/13543 2024-12-25 22:46:53+00:00| seen|...
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...
CVE-2024-40896
CVE-2024-40896 affects libxml2 prior to 2.11.9, 2.12 prior to 2.12.9, and 2.13 prior to 2.13.3. The SAX parser can emit events for external entities even when custom SAX handlers try to override content (via checked), enabling classic XXE attacks. Connected sources reiterate the same vulnerabilit...
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content by setting "checked". This makes classic XXE attacks possible...