Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:45826
HistoryMar 11, 2024 - 7:18 a.m.

XML Entity Expansion

2024-03-1107:18:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
libexpat
xml entity expansion
input validation
external entities
software vulnerability

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON

libexpat is vulnerable to XML Entity Expansion. The vulnerability is caused due to insufficient input validation and handling of external entities in the XML parser. This allows an attacker to perform an XML Entity Expansion attack.

Related

slackware 1
nessus 11
openvas 8
githubexploit 3
debiancve 1
redhatcve 1
osv 3
cve 1
ibm 7
fedora 3
cbl_mariner 1
f5 1
cvelist 1
nvd 1
ubuntucve 1
alpinelinux 1
redos 1
aix 1
cloudfoundry 1
photon 2
redhat 3
mageia 1
oraclelinux 1
almalinux 1
ubuntu 1
slackware
slackware
[slackware-security] expat
2024-03-13 19:51:59
nessus
nessus
Slackware Linux 15.0 / current expat Vulnerability (SSA:2024-073-01)
2024-03-13 00:00:00
Amazon Linux 2023 : expat, expat-devel, expat-static (ALAS2023-2024-576)
2024-04-03 00:00:00
F5 Networks BIG-IP : Expat vulnerability (K000139637)
2024-05-16 00:00:00
openvas
openvas
Fedora: Security Advisory for mingw-expat (FEDORA-2024-afb73e6f62)
2024-03-25 00:00:00
Fedora: Security Advisory for mingw-expat (FEDORA-2024-40b98c9ced)
2024-03-25 00:00:00
Fedora: Security Advisory for mingw-expat (FEDORA-2024-4e6e660fae)
2024-03-25 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-28757
2024-05-03 09:21:27
Exploit for CVE-2024-28757
2024-05-03 04:58:24
Exploit for CVE-2024-28757
2024-05-03 09:24:51
debiancve
debiancve
CVE-2024-28757
2024-03-10 05:15:06
redhatcve
redhatcve
CVE-2024-28757
2024-03-10 10:10:35
osv
osv
CVE-2024-28757
2024-03-10 05:15:06
Moderate: expat security update
2024-03-26 00:00:00
expat vulnerabilities
2024-03-14 10:19:40
cve
cve
CVE-2024-28757
2024-03-10 05:15:06
ibm
ibm
Security Bulletin: AIX is affected by information disclosure due to Python (CVE-2024-28757)
2024-06-13 22:04:57
Security Bulletin: IBM® Db2® NSE (Net Search Extender) is affected by a vulnerability in the open source Expat library. (CVE-2024-28757)
2024-06-11 17:31:41
Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities
2024-05-08 09:39:44
fedora
fedora
[SECURITY] Fedora 39 Update: mingw-expat-2.6.1-1.fc39
2024-03-19 01:10:52
[SECURITY] Fedora 38 Update: mingw-expat-2.6.1-1.fc38
2024-03-19 02:00:28
[SECURITY] Fedora 40 Update: mingw-expat-2.6.1-1.fc40
2024-03-23 00:50:46
cbl_mariner
cbl_mariner
CVE-2024-28757 affecting package expat for versions less than 2.6.2-2
2024-04-09 20:48:36
f5
f5
K000139637: Expat vulnerability CVE-2024-28757
2024-05-16 00:00:00
cvelist
cvelist
CVE-2024-28757
2024-03-10 00:00:00
nvd
nvd
CVE-2024-28757
2024-03-10 05:15:06
ubuntucve
ubuntucve
CVE-2024-28757
2024-03-10 00:00:00
alpinelinux
alpinelinux
CVE-2024-28757
2024-03-10 05:15:06
redos
redos
ROS-20240506-01
2024-05-06 00:00:00
aix
aix
AIX is affected by information disclosure due to Python (CVE-2024-28757)
2024-06-13 15:37:38
cloudfoundry
cloudfoundry
USN-6694-1: Expat vulnerabilities | Cloud Foundry
2024-04-04 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2024-5.0-0229
2024-03-22 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0582
2024-03-22 00:00:00
redhat
redhat
(RHSA-2024:1530) Moderate: expat security update
2024-03-26 16:30:26
(RHSA-2024:2633) Important: updated rhceph-6.1 container image
2024-05-01 01:13:16
(RHSA-2024:1859) Moderate: OpenShift API for Data Protection (OADP) 1.3.1 security and bug fix update
2024-04-16 17:23:39
mageia
mageia
Updated expat packages fix security vulnerabilities
2024-03-18 19:12:23
oraclelinux
oraclelinux
expat security update
2024-03-26 00:00:00
almalinux
almalinux
Moderate: expat security update
2024-03-26 00:00:00
ubuntu
ubuntu
Expat vulnerabilities
2024-03-14 00:00:00

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

10.4%

JSON
Related for VERACODE:45826
slackware1nessus11openvas8githubexploit3debiancve1redhatcve1osv3cve1ibm7fedora3cbl_mariner1f51cvelist1nvd1ubuntucve1alpinelinux1redos1aix1cloudfoundry1photon2redhat3mageia1oraclelinux1almalinux1ubuntu1