Published: 10/03/2024 Updated: 23/03/2024

libexpat up to and including 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

Debian Bug report logs - #1065868 expat: CVE-2024-28757 Package: src:expat; Maintainer for src:expat is Laszlo Boszormenyi (GCS) <gcs@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sun, 10 Mar 2024 15:03:07 UTC Severity: important Tags: security, upstream Found in version expat/261-1 Fixe ...

oss-sec mailing list archives   By Date By Thread </form>    Expat 262 released, includes security fixes   From: Alan Coopersmith &l ...

https://github.com/libexpat/libexpat/pull/842 https://github.com/libexpat/libexpat/issues/839 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPLC6WDSRDUYS7F7JWAOVOHFNOUQ43DD/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LKJ7V5F6LJCEQJXDBWGT27J7NAP3E3N7/https://security.netapp.com/advisory/ntap-20240322-0001/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VK2O34GH43NTHBZBN7G5Y6YKJKPUCTBE/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065868 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-28757

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Mailing Lists

References

Vulmon Search

About

Products

Connect