CVE-2024-28757
ADVISORY - nistSummary
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
EPSS Score: 0.00044 (0.112)
Common Weakness Enumeration (CWE)
ADVISORY - nist
ADVISORY - redhat
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
NIST
CREATED
UPDATED
ADVISORY IDCVE-2024-28757
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
Alpine
CREATED
UPDATED
ADVISORY IDCVE-2024-28757
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Debian
CREATED
UPDATED
ADVISORY IDCVE-2024-28757
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2024-28757
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Alma
CREATED
UPDATED
ADVISORY IDALSA-2024:1530
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Amazon
CREATED
UPDATED
ADVISORY IDALAS2023-2024-576
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Red Hat
CREATED
UPDATED
ADVISORY IDCVE-2024-28757
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
Oracle
CREATED
UPDATED
ADVISORY IDELSA-2024-1530
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-