CVE-2024-28757

High

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via…

mitre·CWE-776·Published 2024-03-10

CVSS

7.5

EPSS

0.02

KEV

Exploits

cve.orgen

153 chars

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

NVDen

153 chars

libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).

NVDes

171 chars

libexpat hasta 2.6.1 permite un ataque de expansión de entidad XML cuando hay un uso aislado de analizadores externos (creados a través de XML_ExternalEntityParserCreate).

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
3.1	Primary	cve.org	7.5	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H