CVE-2024-28757
Published
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT
Description
libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external parsers (created via XML_ExternalEntityParserCreate).
:herb: Fast streaming XML parser written in C99 with >90% test coverage; moved from SourceForge to GitHub
GitHub