VDB

CVE-2017-9233

CVE-2017-9233 PUBLISHED

XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an external DTD.

EPSS 0.22% · 44.4th percentile

Risk Scores

EPSS Score
0.22%
44.4th percentile

Affected Products

VendorProductVersions
Ubuntu:20.04:LTSswish-e2.4.7-6build2, 0, 2.4.7-6build1
Ubuntu:16.04:LTSmatanza0.13+ds1-5, 0
Ubuntu:24.04:LTSmatanza0.13+ds2-1build2, 0, *
Ubuntu:25.10sitecopy0, 1:0.16.6-16build1, 1:0.16.6-16
Ubuntu:25.10swish-e0, 2.4.7-6.3build1, 2.4.7-7
Ubuntu:16.04:LTSinsighttoolkit44.9.0-3ubuntu2, 4.8.1-1ubuntu3, 0
Ubuntu:18.04:LTSswish-e0, 2.4.7-5ubuntu1
Ubuntu:14.04:LTSexpat0, 2.1.0-4ubuntu1.1, 2.1.0-4
Ubuntu:18.04:LTSmatanza0, 0.13+ds1-5build1, 0.13+ds1-6
Ubuntu:16.04:LTSexpat0, 2.1.0-7, 2.1.0-7ubuntu0.16.04.1
Ubuntu:Pro:14.04:LTSvnc44.1.1+xorg4.3.0-37ubuntu5.0.1, 0, 4.1.1+xorg4.3.0-37ubuntu5.0.2+esm1
Ubuntu:24.04:LTSswish-e0, 2.4.7-6.2build1, 2.4.7-6.2build2
Ubuntu:22.04:LTSswish-e2.4.7-6.1build1, 0, 2.4.7-6.1
Ubuntu:20.04:LTSmatanza0, *, 0.13+ds1-6
Ubuntu:16.04:LTScableswig0.1.0+git20150808-2, 0.1.0+git20150808-1, 0
Ubuntu:18.04:LTSvnc40, 4.1.1+xorg4.3.0-37.3ubuntu2
Ubuntu:Pro:16.04:LTScoin30, 3.1.4~abc9f50+dfsg1-1
Ubuntu:Pro:16.04:LTSvnc44.1.1+xorg4.3.0-37.3ubuntu2.1+esm1, *, 0
Ubuntu:18.04:LTScoin33.1.4~abc9f50+dfsg3-1, 3.1.4~abc9f50+dfsg3-2, 3.1.4~abc9f50+dfsg2-1
Ubuntu:25.10matanza*, 0

…and 3 more

Exploit Intelligence

…and 70 more exploits

Timeline

  • Jun 21, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›