Уязвимость CVE-2024-40896

CVE-2024-40896

CVSS3: 9.1

ubuntu

8 месяцев назад

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.

CVE-2024-40896

CVSS3: 9.1

redhat

8 месяцев назад

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.

CVE-2024-40896

CVSS3: 9.1

nvd

8 месяцев назад

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.

CVE-2024-40896

CVSS3: 9.1

debian

8 месяцев назад

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.1 ...

openSUSE-SU-2025:0024-1

suse-cvrf

6 месяцев назад

Security update for qt6-webengine

exploitDog

CVE-2024-40896

Описание

Возможность эксплуатации

Связанные уязвимости