Miggo Logo
Miggo Vulnerability Database
CVE-2024-40896

CVE-2024-40896: In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can...

9.1

CVSS Score
3.1

Basic Information

CVE ID
CVE-2024-40896
GHSA ID
GHSA-6c2p-rqx3-w4px
EPSS Score
0.63415%
CWE
CWE-611
Published
12/23/2024
Updated
2/28/2025
KEV Status
No
Technology
-

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

I was unable to fetch the commit information from the GitLab URL due to bot protection. The provided information indicates a vulnerability in the SAX parser of libxml2 related to external entity handling. Without the specific commit diff, I cannot identify the exact vulnerable functions. However, the vulnerability lies within the SAX parsing and entity handling mechanisms, particularly when custom SAX handlers are used. The commit 1a8932303969907f6572b1b6aac4081c56adb5c6 is the fix for this vulnerability, but I cannot access its content to determine the exact functions modified. The vulnerability allows XXE attacks because the SAX parser produces events for external entities even if custom SAX handlers try to override entity content by setting 'checked'

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In li*xml* *.** ***or* *.**.*, *.** ***or* *.**.*, *n* *.** ***or* *.**.*, t** S*X p*rs*r **n pro*u** *v*nts *or *xt*rn*l *ntiti*s *v*n i* *ustom S*X **n*l*rs try to ov*rri** *ntity *ont*nt (*y s*ttin* "****k**"). T*is m*k*s *l*ssi* XX* *tt**ks possi

Reasoning

I w*s un**l* to **t** t** *ommit in*orm*tion *rom t** *itL** URL *u* to *ot prot**tion. T** provi*** in*orm*tion in*i**t*s * vuln*r**ility in t** S*X p*rs*r o* li*xml* r*l*t** to *xt*rn*l *ntity **n*lin*. Wit*out t** sp**i*i* *ommit *i**, I **nnot i*