CVE-2024-40896

CRITICAL
Published Dec 23, 2024 Modified Nov 25, 2025 CWE-611

Description

In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible.

Is your site exposed to CVE-2024-40896?

Run a free security scan — no signup, results in seconds.

CVSS v3.1 Score

9.1
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Weakness Type (CWE)

CWE-611 CWE-611

Affected Products

Vendor Product
xmlsoft libxml2
xmlsoft libxml2
xmlsoft libxml2
netapp hci_compute_node
netapp hci_compute_node
netapp solidfire_\&_hci_management_node
netapp solidfire_\&_hci_storage_node
netapp h300s_firmware
netapp h300s
netapp h410s_firmware
netapp h410s
netapp h500s_firmware
netapp h500s
netapp h700s_firmware
netapp h700s
netapp h410c_firmware
netapp h410c

References

Frequently Asked Questions

What is CVE-2024-40896? +
In libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the SAX parser can produce events for external entities even if custom SAX handlers try to override entity content (by setting "checked"). This makes classic XXE attacks possible. It has a CVSS v3.1 base score of 9.1 (CRITICAL).
How severe is CVE-2024-40896? +
CVE-2024-40896 has a CVSS v3.1 score of 9.1 out of 10, rated CRITICAL. This is a critical vulnerability that should be patched immediately.
What products are affected by CVE-2024-40896? +
CVE-2024-40896 affects products from netapp, xmlsoft, specifically: h300s, h300s_firmware, h410c, h410c_firmware, h410s, h410s_firmware, h500s, h500s_firmware, h700s, h700s_firmware, hci_compute_node, libxml2, solidfire_\&_hci_management_node, solidfire_\&_hci_storage_node. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-40896? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-40896 — free, no signup required.