Количество 9
Количество 9
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
CVE-2024-40896
CVE-2024-40896
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.1 ...
openSUSE-SU-2025:0024-1
Security update for qt6-webengine
GHSA-6c2p-rqx3-w4px
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.
ELBA-2025-6597
ELBA-2025-6597: libxml2 bug fix and enhancement update (CRITICAL)
BDU:2024-07164
Уязвимость библиотеки libxml2, связанная с неверным ограничением XML-ссылок на внешние объекты, позволяющая нарушителю получить доступ к произвольным файлам на сервере или выполнить сетевое сканирование внутренней и внешней инфраструктуры
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | CVSS3: 9.1 | 0% Низкий | 7 месяцев назад | |
| CVE-2024-40896 In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.1 ... | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
 | openSUSE-SU-2025:0024-1 Security update for qt6-webengine | 0% Низкий | 6 месяцев назад | |
| GHSA-6c2p-rqx3-w4px In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. | CVSS3: 9.1 | 0% Низкий | 8 месяцев назад |
| ELBA-2025-6597 ELBA-2025-6597: libxml2 bug fix and enhancement update (CRITICAL) | около 2 месяцев назад | ||
 | BDU:2024-07164 Уязвимость библиотеки libxml2, связанная с неверным ограничением XML-ссылок на внешние объекты, позволяющая нарушителю получить доступ к произвольным файлам на сервере или выполнить сетевое сканирование внутренней и внешней инфраструктуры | CVSS3: 9.1 | 0% Низкий | около 1 года назад |
Уязвимостей на страницу