Vulnerabilities > CVE-2023-52426 - XML Entity Expansion vulnerability in Libexpat Project Libexpat

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

NVD

Published: 2024-02-04

Updated: 2024-03-07

Summary

libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time.

Part	Description	Count
Application	Libexpat_Project Libexpat Project Libexpat - Libexpat Project Libexpat 1.95.0 Libexpat Project Libexpat 1.95.1 Libexpat Project Libexpat 1.95.2 Libexpat Project Libexpat 1.95.3 Libexpat Project Libexpat 1.95.4 Libexpat Project Libexpat 1.95.5 Libexpat Project Libexpat 1.95.6 Libexpat Project Libexpat 1.95.7 Libexpat Project Libexpat 1.95.8 Libexpat Project Libexpat 2.0.0 Libexpat Project Libexpat 2.0.1 Libexpat Project Libexpat 2.1.0 Libexpat Project Libexpat 2.1.1 Libexpat Project Libexpat 2.2.0 Libexpat Project Libexpat 2.2.1 Libexpat Project Libexpat 2.2.2 Libexpat Project Libexpat 2.2.3 Libexpat Project Libexpat 2.2.4 Libexpat Project Libexpat 2.2.5 Libexpat Project Libexpat 2.2.6 Libexpat Project Libexpat 2.2.7 Libexpat Project Libexpat 2.2.8 Libexpat Project Libexpat 2.2.9 Libexpat Project Libexpat 2.2.10 Libexpat Project Libexpat 2.3.0 Libexpat Project Libexpat 2.4.0 Libexpat Project Libexpat 2.4.1 Libexpat Project Libexpat 2.4.3 Libexpat Project Libexpat 2.4.4 Libexpat Project Libexpat 2.4.5 Libexpat Project Libexpat 2.4.6 Libexpat Project Libexpat 2.4.7 Libexpat Project Libexpat 2.4.8 Libexpat Project Libexpat 2.4.9 Libexpat Project Libexpat 2.5.0	36