xml4h@1.0 vulnerabilities
XML for Humans in Python
-
latest version
1.0
-
first published
12 years ago
-
latest version published
4 years ago
-
licenses detected
- [1.0,)
Direct Vulnerabilities
Known vulnerabilities in the xml4h package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
xml4h is a XML for Humans in Python Affected versions of this package are vulnerable to XML External Entity (XXE) Injection. The function 'parse()' does not restrict external entities while parsing a specially crafted XML document. Due to this flaw, an attacker could read local files by defining an external entity with a How to fix XML External Entity (XXE) Injection? There is no fixed version for |
[0,)
|