CVE-2024-28757 | libexpat up to 2.6.1 XML_ExternalEntityParserCreate xml external entity reference (Issue 839)

Inserito da Angelo Barbosa | Mar 10, 2024 | CVE

A vulnerability was found in libexpat up to 2.6.1. It has been rated as problematic. This issue affects the function XML_ExternalEntityParserCreate. The manipulation leads to xml external entity reference.

The identification of this vulnerability is CVE-2024-28757. The attack needs to be approached within the local network. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-28757 | libexpat up to 2.6.1 XML_ExternalEntityParserCreate xml external entity reference (Issue 839)

Post correlati

CVE-2023-49621 | Siemens SIMATIC CN 4100 up to 2.6 default credentials (ssa-777015)

CVE-2024-0381 | WP Recipe Maker Plugin up to 9.1.0 on WordPress tag cross site scripting

CVE-2024-5459 | Restaurant Menu and Food Ordering Plugin up to 2.4.16 on WordPress Menu Creation authorization

CVE-2024-6937 | formtools.org Form Tools 3.1.1 Import Option List edit.php curl_exec url file inclusion