Количество 9
Количество 9
BDU:2024-07164
Уязвимость библиотеки libxml2, связанная с неверным ограничением XML-ссылок на внешние объекты, позволяющая нарушителю получить доступ к произвольным файлам на сервере или выполнить сетевое сканирование внутренней и внешней инфраструктуры
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
CVE-2024-40896
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.1 ...
openSUSE-SU-2025:0024-1
Security update for qt6-webengine
GHSA-6c2p-rqx3-w4px
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
ELBA-2025-6597
ELBA-2025-6597: libxml2 bug fix and enhancement update (CRITICAL)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2024-07164 Уязвимость библиотеки libxml2, связанная с неверным ограничением XML-ссылок на внешние объекты, позволяющая нарушителю получить доступ к произвольным файлам на сервере или выполнить сетевое сканирование внутренней и внешней инфраструктуры | CVSS3: 9.1 | 0% Низкий | около 1 года назад |
 | CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | CVSS3: 9.1 | 0% Низкий | 7 месяцев назад | |
| CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.1 ... | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | openSUSE-SU-2025:0024-1 Security update for qt6-webengine | 0% Низкий | 7 месяцев назад | |
| GHSA-6c2p-rqx3-w4px In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
| ELBA-2025-6597 ELBA-2025-6597: libxml2 bug fix and enhancement update (CRITICAL) | около 2 месяцев назад |
Уязвимостей на страницу