CVE-2024-8176

🗓️ 14 Mar 2025 00:00:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 10 Views

Multiple applications use system expat, no current attack vector reported for matanza.

Reporter	Title	Published	Views	Family All 298
IBM Security Bulletins	Security Bulletin: IBM Automation Decision Services for October 2025 - Multiple CVEs addressed	3 Dec 202506:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a stack overflow vulnerability in libexpat library [CVE-2024-8176]	13 Jun 202516:26	–	ibm
IBM Security Bulletins	Security Bulletin: Oracle Outside In Technology (OIT) v8.5.7 BP7 vulnerabilities CVE-2025-29482 (vulnerable), CVE-2024-8176 (not vulnerable) in FileNet Content Manager (FNCM) Content Based Retrieval (CBR) content indexing	30 Mar 202609:37	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in expat library (CVE-2024-8176) affects Power HMC.	7 Jul 202505:41	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities found in IBM TXSeries for Multiplatforms.	7 Jul 202514:23	–	ibm
IBM Security Bulletins	Security Bulletin: AIX/VIOS is vulnerable to denial of service and possible code execution due to Perl (WS-2025-0004)	5 Feb 202622:03	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities have been identified with the DS8900F and DS8A00 Hardware Management Console (HMC)	30 Sep 202508:36	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image	20 May 202514:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Omnifind Text Search Server for DB2 for i is affected by multiple vulnerabilities[CVE-2017-12626,CVE-2023-44483,CVE-2023-45853,CVE-2024-8176,CVE-2024-11612,CVE-2024-50602,CVE-2025-27363,CVE-2025-29482,CVE-2025-48924,CVE-2025-53816]	20 Jun 202601:15	–	ibm
IBM Security Bulletins	Security Bulletin: AIX is vulnerable to denial of service and possible code execution due to Perl (CVE-2024-8176, CVE-2024-56406)	26 Jun 202515:03	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	24.04	any	cadaver	0	cadaver_0_any.deb
Ubuntu	18.04	any	cadaver	0	cadaver_0_any.deb
Ubuntu	22.04	any	cadaver	0	cadaver_0_any.deb
Ubuntu	25.10	any	cadaver	0	cadaver_0_any.deb
Ubuntu	20.04	any	cadaver	0	cadaver_0_any.deb
Ubuntu	26.04	any	cadaver	0	cadaver_0_any.deb
Ubuntu	18.04	any	xmlrpc-c	0	xmlrpc-c_0_any.deb
Ubuntu	22.04	any	xmlrpc-c	0	xmlrpc-c_0_any.deb
Ubuntu	24.04	any	xmlrpc-c	0	xmlrpc-c_0_any.deb
Ubuntu	14.04	any	xmlrpc-c	0	xmlrpc-c_0_any.deb

Source	Link
cve	www.cve.org/CVERecord
blog	www.blog.hartwork.org/posts/expat-2-7-0-released/
access	www.access.redhat.com/security/cve/CVE-2024-8176
ubuntu	www.ubuntu.com/security/notices/USN-7424-1

11 Jul 2025 08:00Current

7High risk

Vulners AI Score7

CVSS 3.17.5

EPSS0.01569

SSVC

system expat usage multiple applications no attack vector matanza config parsing