[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-8176":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":27,"aliases":28,"duplicate_of":9,"upstream":29,"downstream":30,"duplicates":89,"related":90,"reserved_at":9,"published_at":100,"modified_at":101,"state":102,"summary":103,"references_raw":112,"kevs":274,"epss":275,"epss_history":278,"metrics":556,"affected":564},"CVE-2024-8176","A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-674","Uncontrolled Recursion","The product does not properly control the amount of recursion that takes place,  consuming excessive resources, such as allocated memory or the program stack.","weakness","Draft","Class",[19,23],{"id":20,"name":21,"techniques":22},"CAPEC-230","Serialized Data with Nested Payloads",[],{"id":24,"name":25,"techniques":26},"CAPEC-231","Oversized Serialized Data Payloads",[],[],[],[],[31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87],{"_key":32},"ALPINE-CVE-2024-8176",{"_key":34},"SUSE-SU-2025:03239-1",{"_key":36},"SUSE-SU-2025:1186-1",{"_key":38},"SUSE-SU-2025:1295-1",{"_key":40},"SUSE-SU-2025:1201-1",{"_key":42},"OPENSUSE-SU-2025:14952-1",{"_key":44},"SUSE-SU-2025:20207-1",{"_key":46},"SUSE-SU-2025:20311-1",{"_key":48},"MGASA-2025-0109",{"_key":50},"MGASA-2025-0240",{"_key":52},"USN-7424-1",{"_key":54},"DEBIAN-CVE-2024-8176",{"_key":56},"UBUNTU-CVE-2024-8176",{"_key":58},"RHSA-2025:22033",{"_key":60},"RHSA-2025:22034",{"_key":62},"RHSA-2025:22035",{"_key":64},"RHSA-2025:22607",{"_key":66},"RHSA-2025:22785",{"_key":68},"RHSA-2025:22842",{"_key":70},"RHSA-2025:22871",{"_key":72},"RHSA-2025:3531",{"_key":74},"RHSA-2025:3913",{"_key":76},"RHSA-2025:4048",{"_key":78},"RHSA-2025:4446",{"_key":80},"RHSA-2025:4447",{"_key":82},"RHSA-2025:4448",{"_key":84},"RHSA-2025:4449",{"_key":86},"RHSA-2025:7444",{"_key":88},"RHSA-2025:7512",[],[91,92,93,94,95,96,97,98,99],{"_key":34},{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":44},{"_key":46},{"_key":48},{"_key":50},"2025-03-14T08:19:48.962Z","2026-04-22T15:55:39.568Z","Deferred",{"cisa_kev":104,"cisa_ransomware":104,"cisa_vendor":9,"epss_severity":105,"epss_score":106,"severity":107,"severity_score":108,"severity_version":109,"severity_source":110,"severity_vector":111,"severity_status":102},false,"low",0.00803,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",[113,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184,188,192,197,202,206,210,214,218,222,226,230,234,238,242,246,250,254,258,262,266,270],{"url":114,"sources":115,"tags":117},"https://access.redhat.com/errata/RHSA-2025:13681",[110,116],"nvd",[118,119],"Vendor Advisory","X Refsource REDHAT",{"url":121,"sources":122,"tags":123},"https://access.redhat.com/errata/RHSA-2025:22033",[110,116],[118,119],{"url":125,"sources":126,"tags":127},"https://access.redhat.com/errata/RHSA-2025:22034",[110,116],[118,119],{"url":129,"sources":130,"tags":131},"https://access.redhat.com/errata/RHSA-2025:22035",[110,116],[118,119],{"url":133,"sources":134,"tags":135},"https://access.redhat.com/errata/RHSA-2025:22607",[110,116],[118,119],{"url":137,"sources":138,"tags":139},"https://access.redhat.com/errata/RHSA-2025:22785",[110,116],[118,119],{"url":141,"sources":142,"tags":143},"https://access.redhat.com/errata/RHSA-2025:22842",[110,116],[118,119],{"url":145,"sources":146,"tags":147},"https://access.redhat.com/errata/RHSA-2025:22871",[110,116],[118,119],{"url":149,"sources":150,"tags":151},"https://access.redhat.com/errata/RHSA-2025:3531",[110,116],[118,119],{"url":153,"sources":154,"tags":155},"https://access.redhat.com/errata/RHSA-2025:3734",[110,116],[118,119],{"url":157,"sources":158,"tags":159},"https://access.redhat.com/errata/RHSA-2025:3913",[110,116],[118,119],{"url":161,"sources":162,"tags":163},"https://access.redhat.com/errata/RHSA-2025:4048",[110,116],[118,119],{"url":165,"sources":166,"tags":167},"https://access.redhat.com/errata/RHSA-2025:4446",[110,116],[118,119],{"url":169,"sources":170,"tags":171},"https://access.redhat.com/errata/RHSA-2025:4447",[110,116],[118,119],{"url":173,"sources":174,"tags":175},"https://access.redhat.com/errata/RHSA-2025:4448",[110,116],[118,119],{"url":177,"sources":178,"tags":179},"https://access.redhat.com/errata/RHSA-2025:4449",[110,116],[118,119],{"url":181,"sources":182,"tags":183},"https://access.redhat.com/errata/RHSA-2025:7444",[110,116],[118,119],{"url":185,"sources":186,"tags":187},"https://access.redhat.com/errata/RHSA-2025:7512",[110,116],[118,119],{"url":189,"sources":190,"tags":191},"https://access.redhat.com/errata/RHSA-2025:8385",[110,116],[118,119],{"url":193,"sources":194,"tags":195},"https://access.redhat.com/security/cve/CVE-2024-8176",[110,116],[196,119],"VDB Entry",{"url":198,"sources":199,"tags":200},"https://bugzilla.redhat.com/show_bug.cgi?id=2310137",[110,116],[201,119],"Issue Tracking",{"url":203,"sources":204,"tags":205},"https://github.com/libexpat/libexpat/issues/893",[110,116],[],{"url":207,"sources":208,"tags":209},"http://www.openwall.com/lists/oss-security/2025/03/15/1",[110,116],[],{"url":211,"sources":212,"tags":213},"https://blog.hartwork.org/posts/expat-2-7-0-released/",[110,116],[],{"url":215,"sources":216,"tags":217},"https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52",[110,116],[],{"url":219,"sources":220,"tags":221},"https://bugzilla.suse.com/show_bug.cgi?id=1239618",[110,116],[],{"url":223,"sources":224,"tags":225},"https://ubuntu.com/security/CVE-2024-8176",[110,116],[],{"url":227,"sources":228,"tags":229},"https://security-tracker.debian.org/tracker/CVE-2024-8176",[110,116],[],{"url":231,"sources":232,"tags":233},"https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53",[110,116],[],{"url":235,"sources":236,"tags":237},"https://security.netapp.com/advisory/ntap-20250328-0009/",[110,116],[],{"url":239,"sources":240,"tags":241},"https://www.kb.cert.org/vuls/id/760160",[110,116],[],{"url":243,"sources":244,"tags":245},"http://seclists.org/fulldisclosure/2025/May/12",[110,116],[],{"url":247,"sources":248,"tags":249},"http://seclists.org/fulldisclosure/2025/May/11",[110,116],[],{"url":251,"sources":252,"tags":253},"http://seclists.org/fulldisclosure/2025/May/10",[110,116],[],{"url":255,"sources":256,"tags":257},"http://seclists.org/fulldisclosure/2025/May/8",[110,116],[],{"url":259,"sources":260,"tags":261},"http://seclists.org/fulldisclosure/2025/May/7",[110,116],[],{"url":263,"sources":264,"tags":265},"http://seclists.org/fulldisclosure/2025/May/6",[110,116],[],{"url":267,"sources":268,"tags":269},"http://www.openwall.com/lists/oss-security/2025/09/24/11",[110,116],[],{"url":271,"sources":272,"tags":273},"https://github.com/libexpat/libexpat/pull/973",[110,116],[],[],{"date":276,"score":106,"percentile":277},"2026-06-04",0.7446,[279,283,286,289,291,295,298,301,304,307,310,313,316,319,323,327,330,333,337,340,343,347,351,354,357,361,364,367,370,373,377,380,383,386,389,393,397,400,403,406,408,411,414,418,421,424,427,429,432,435,438,441,444,447,450,453,457,461,464,467,470,473,476,479,481,484,488,491,494,497,500,503,506,509,512,515,518,521,524,526,529,532,535,537,540,542,545,548,550,553],{"date":280,"score":281,"percentile":282},"2025-11-04",0.00773,0.72759,{"date":284,"score":281,"percentile":285},"2025-11-05",0.72744,{"date":287,"score":281,"percentile":288},"2025-11-06",0.72742,{"date":290,"score":281,"percentile":282},"2025-11-07",{"date":292,"score":293,"percentile":294},"2025-11-08",0.00805,0.73393,{"date":296,"score":293,"percentile":297},"2025-11-09",0.73388,{"date":299,"score":293,"percentile":300},"2025-11-10",0.73376,{"date":302,"score":293,"percentile":303},"2025-11-11",0.73382,{"date":305,"score":293,"percentile":306},"2025-11-12",0.734,{"date":308,"score":293,"percentile":309},"2025-11-13",0.73408,{"date":311,"score":293,"percentile":312},"2025-11-14",0.73414,{"date":314,"score":293,"percentile":315},"2025-11-15",0.73411,{"date":317,"score":293,"percentile":318},"2025-11-16",0.73406,{"date":320,"score":321,"percentile":322},"2025-11-17",0.00934,0.75407,{"date":324,"score":325,"percentile":326},"2025-11-18",0.05487,0.89237,{"date":328,"score":325,"percentile":329},"2025-11-19",0.89241,{"date":331,"score":325,"percentile":332},"2025-11-20",0.89243,{"date":334,"score":335,"percentile":336},"2025-11-21",0.01247,0.78696,{"date":338,"score":335,"percentile":339},"2025-11-22",0.78698,{"date":341,"score":335,"percentile":342},"2025-11-23",0.78687,{"date":344,"score":345,"percentile":346},"2025-11-24",0.01006,0.76358,{"date":348,"score":349,"percentile":350},"2025-11-25",0.00638,0.69678,{"date":352,"score":349,"percentile":353},"2025-11-26",0.69685,{"date":355,"score":349,"percentile":356},"2025-11-27",0.69686,{"date":358,"score":359,"percentile":360},"2025-11-28",0.00502,0.65141,{"date":362,"score":359,"percentile":363},"2025-11-29",0.65118,{"date":365,"score":359,"percentile":366},"2025-11-30",0.65114,{"date":368,"score":359,"percentile":369},"2025-12-01",0.65271,{"date":371,"score":359,"percentile":372},"2025-12-02",0.65288,{"date":374,"score":375,"percentile":376},"2025-12-03",0.0048,0.6438,{"date":378,"score":375,"percentile":379},"2025-12-04",0.64202,{"date":381,"score":375,"percentile":382},"2025-12-05",0.64217,{"date":384,"score":375,"percentile":385},"2025-12-06",0.64215,{"date":387,"score":375,"percentile":388},"2025-12-07",0.64208,{"date":390,"score":391,"percentile":392},"2025-12-08",0.00548,0.66988,{"date":394,"score":395,"percentile":396},"2025-12-09",0.00404,0.60187,{"date":398,"score":395,"percentile":399},"2025-12-10",0.60233,{"date":401,"score":395,"percentile":402},"2025-12-11",0.60252,{"date":404,"score":395,"percentile":405},"2025-12-12",0.6027,{"date":407,"score":395,"percentile":405},"2025-12-13",{"date":409,"score":395,"percentile":410},"2025-12-14",0.60265,{"date":412,"score":395,"percentile":413},"2025-12-15",0.60239,{"date":415,"score":416,"percentile":417},"2025-12-16",0.00422,0.61436,{"date":419,"score":416,"percentile":420},"2025-12-17",0.61452,{"date":422,"score":395,"percentile":423},"2025-12-18",0.60321,{"date":425,"score":395,"percentile":426},"2025-12-19",0.6033,{"date":428,"score":395,"percentile":426},"2025-12-20",{"date":430,"score":395,"percentile":431},"2025-12-21",0.60316,{"date":433,"score":395,"percentile":434},"2025-12-22",0.60309,{"date":436,"score":395,"percentile":437},"2025-12-23",0.60322,{"date":439,"score":395,"percentile":440},"2025-12-24",0.60334,{"date":442,"score":395,"percentile":443},"2025-12-25",0.60366,{"date":445,"score":395,"percentile":446},"2025-12-26",0.60363,{"date":448,"score":395,"percentile":449},"2025-12-27",0.60417,{"date":451,"score":395,"percentile":452},"2025-12-28",0.60339,{"date":454,"score":455,"percentile":456},"2025-12-29",0.00339,0.56178,{"date":458,"score":459,"percentile":460},"2025-12-30",0.00355,0.57229,{"date":462,"score":459,"percentile":463},"2025-12-31",0.57264,{"date":465,"score":459,"percentile":466},"2026-01-01",0.57431,{"date":468,"score":459,"percentile":469},"2026-01-02",0.57413,{"date":471,"score":459,"percentile":472},"2026-01-03",0.57409,{"date":474,"score":459,"percentile":475},"2026-01-04",0.57237,{"date":477,"score":459,"percentile":478},"2026-01-05",0.57226,{"date":480,"score":459,"percentile":475},"2026-01-06",{"date":482,"score":459,"percentile":483},"2026-01-07",0.57262,{"date":485,"score":486,"percentile":487},"2026-01-08",0.00417,0.61248,{"date":489,"score":486,"percentile":490},"2026-01-09",0.61251,{"date":492,"score":486,"percentile":493},"2026-01-10",0.61244,{"date":495,"score":486,"percentile":496},"2026-01-11",0.61228,{"date":498,"score":486,"percentile":499},"2026-01-12",0.61204,{"date":501,"score":486,"percentile":502},"2026-01-13",0.61181,{"date":504,"score":486,"percentile":505},"2026-01-14",0.61224,{"date":507,"score":486,"percentile":508},"2026-01-15",0.61223,{"date":510,"score":486,"percentile":511},"2026-01-16",0.61241,{"date":513,"score":486,"percentile":514},"2026-01-17",0.61234,{"date":516,"score":486,"percentile":517},"2026-01-18",0.61232,{"date":519,"score":486,"percentile":520},"2026-01-19",0.61202,{"date":522,"score":486,"percentile":523},"2026-01-20",0.61217,{"date":525,"score":486,"percentile":505},"2026-01-21",{"date":527,"score":486,"percentile":528},"2026-01-22",0.61227,{"date":530,"score":486,"percentile":531},"2026-01-23",0.61263,{"date":533,"score":486,"percentile":534},"2026-01-24",0.6127,{"date":536,"score":486,"percentile":517},"2026-01-25",{"date":538,"score":486,"percentile":539},"2026-01-26",0.61222,{"date":541,"score":486,"percentile":528},"2026-01-27",{"date":543,"score":486,"percentile":544},"2026-01-28",0.61238,{"date":546,"score":486,"percentile":547},"2026-01-29",0.61239,{"date":549,"score":486,"percentile":511},"2026-01-30",{"date":551,"score":486,"percentile":552},"2026-01-31",0.61245,{"date":554,"score":486,"percentile":555},"2026-02-01",0.61378,[557,562],{"source":110,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":558,"cvss_v4_0":9},{"baseScore":108,"baseSeverity":559,"vectorString":111,"impactScore":560,"exploitabilityScore":561},"HIGH",6,10,{"source":116,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":563,"cvss_v4_0":9},{"baseScore":108,"baseSeverity":559,"vectorString":111,"impactScore":560,"exploitabilityScore":561},[]]