THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-37388

Assigner:mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca)
Reserved:2024-06-07
Published:2024-06-07
Updated:2024-06-10

Description

An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input.

References

https://github.com/dnkorpushov/ebookmeta/issues/16#issue-2317712335

cve.org CVE-2024-37388

nvd.nist.gov CVE-2024-37388

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-37388