CVE-2024-23807 | Apache Xerces C++ up to 3.2.2 External DTD Scanning use after free

Inserito da Angelo Barbosa | Feb 16, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Apache Xerces C++ up to 3.2.2. This issue affects some unknown processing of the component External DTD Scanning. The manipulation leads to use after free.

The identification of this vulnerability is CVE-2024-23807. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23807 | Apache Xerces C++ up to 3.2.2 External DTD Scanning use after free

Post correlati

CVE-2024-40096 | com.cascadialabs.who 15.0 on Android information disclosure

CVE-2024-37135 | Dell Data Manager Appliance Software up to 5.16.0.0 credentials storage (dsa-2024-290)

CVE-2024-36858 | Jan 0.4.12 File /v1/app/writeFileSync unrestricted upload

CVE-2024-6650 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 /classes/Master.php save_designation cross site scripting