CVE-2024-23807

Public on 2024-02-19
Modified on 2024-02-19
Description
Apache issued this CVE to indicate the correct versions of xerces-c, which included the fix for CVE-2018-1311. See the older CVE page for fix status.
Severity
Medium severity
Medium
See what this means
CVSS v3 Base Score
5.3
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 2 - Core xerces-c 2024-03-04 ALAS2-2024-2476 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
NVD CVSSv3 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2024-23807 Mitre: CVE-2024-23807