Lucene search
Ubuntu.comUB:CVE-2024-28757HistoryMar 10, 2024 - 12:00 a.m.
CVE-2024-28757
2024-03-1000:00:00
ubuntu.com
ubuntu.com
32
libexpat security xml entity expansion
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is
isolated use of external parsers (created via
XML_ExternalEntityParserCreate).
Bugs
- <https://github.com/libexpat/libexpat/issues/839>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065868>
- <https://bugzilla.redhat.com/show_bug.cgi?id=2268766>
Notes
| Author | Note |
|---|---|
| sbeattie | paraview uses system expat xotcl uses system expat poco uses system expat gdcm uses system expat audacity uses system expat simgear uses system expat coin3 uses system expat as of 4.0.0~CMake~6f54f1602475+ds1-1 sitecopy uses system expat since 1:0.16.0-1 (dapper!) insighttoolkit uses system expat as of 4.12.1-dfsg1 |
| mdeslaur | apache2 uses system expat apr-util uses system expat cmake uses system expat ghostscript uses system expat firefox uses system expat |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 16.04 | noarch | ayttm | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | cableswig | <Â any | UNKNOWN |
| ubuntu | 18.04 | noarch | cadaver | <Â any | UNKNOWN |
| ubuntu | 20.04 | noarch | cadaver | <Â any | UNKNOWN |
| ubuntu | 22.04 | noarch | cadaver | <Â any | UNKNOWN |
| ubuntu | 23.10 | noarch | cadaver | <Â any | UNKNOWN |
| ubuntu | 24.04 | noarch | cadaver | <Â any | UNKNOWN |
| ubuntu | 16.04 | noarch | cadaver | <Â any | UNKNOWN |
| ubuntu | 18.04 | noarch | coin3 | <Â any | UNKNOWN |
| ubuntu | 14.04 | noarch | coin3 | <Â any | UNKNOWN |
Related
fedora
fedora
[SECURITY] Fedora 38 Update: mingw-expat-2.6.1-1.fc38
2024-03-19 02:00:28
[SECURITY] Fedora 39 Update: mingw-expat-2.6.1-1.fc39
2024-03-19 01:10:52
[SECURITY] Fedora 40 Update: mingw-expat-2.6.1-1.fc40
2024-03-23 00:50:46
cbl_mariner
cbl_mariner
CVE-2024-28757 affecting package expat for versions less than 2.6.2-2
2024-04-09 20:48:36
cvelist
cvelist
CVE-2024-28757
2024-03-10 00:00:00
f5
f5
K000139637: Expat vulnerability CVE-2024-28757
2024-05-16 00:00:00
openvas
openvas
Fedora: Security Advisory for mingw-expat (FEDORA-2024-4e6e660fae)
2024-03-25 00:00:00
Slackware: Security Advisory (SSA:2024-073-01)
2024-03-14 00:00:00
Fedora: Security Advisory for mingw-expat (FEDORA-2024-afb73e6f62)
2024-03-25 00:00:00
nessus
nessus
Fedora 38 : mingw-expat (2024-40b98c9ced)
2024-03-18 00:00:00
Fedora 39 : mingw-expat (2024-4e6e660fae)
2024-03-18 00:00:00
Fedora 40 : mingw-expat (2024-afb73e6f62)
2024-04-29 00:00:00
redos
redos
ROS-20240506-01
2024-05-06 00:00:00
veracode
veracode
XML Entity Expansion
2024-03-11 07:18:06
alpinelinux
alpinelinux
CVE-2024-28757
2024-03-10 05:15:06
slackware
slackware
[slackware-security] expat
2024-03-13 19:51:59
githubexploit
githubexploit
Exploit for CVE-2024-28757
2024-05-03 09:21:27
Exploit for CVE-2024-28757
2024-05-03 04:58:24
Exploit for CVE-2024-28757
2024-05-03 09:24:51
redhatcve
redhatcve
CVE-2024-28757
2024-03-10 10:10:35
debiancve
debiancve
CVE-2024-28757
2024-03-10 05:15:06
osv
osv
CVE-2024-28757
2024-03-10 05:15:06
Moderate: expat security update
2024-03-26 00:00:00
expat vulnerabilities
2024-03-14 10:19:40
cve
cve
CVE-2024-28757
2024-03-10 05:15:06
almalinux
almalinux
Moderate: expat security update
2024-03-26 00:00:00
mageia
mageia
Updated expat packages fix security vulnerabilities
2024-03-18 19:12:23
oraclelinux
oraclelinux
expat security update
2024-03-26 00:00:00
cloudfoundry
cloudfoundry
USN-6694-1: Expat vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
ubuntu
ubuntu
Expat vulnerabilities
2024-03-14 00:00:00
redhat
redhat
(RHSA-2024:1530) Moderate: expat security update
2024-03-26 16:30:26
(RHSA-2024:2633) Important: updated rhceph-6.1 container image
2024-05-01 01:13:16
ibm
ibm