Homepage

owslib@0.16.0 vulnerabilities

OGC Web Service utility library

  • latest version

    0.32.0

  • latest non vulnerable version

    0.32.0

  • first published

    18 years ago

  • latest version published

    2 months ago

  • licenses detected

  • View owslib package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the owslib package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    XML External Entity (XXE) Injection

    OWSLib is an OGC Web Service utility library

    Affected versions of this package are vulnerable to XML External Entity (XXE) Injection due to the usage of entity resolution via the XML parser. Exploiting this vulnerability might result in arbitrary file read from an attacker-controlled XML payload

    How to fix XML External Entity (XXE) Injection?

    Upgrade OWSLib to version 0.28.1 or higher.

    [,0.28.1)
    Go back to all versions of this package