In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade ultimate-sitemap-parser to version 1.8.1 or higher.
ultimate-sitemap-parser is an A performant library for parsing and crawling sitemaps
Affected versions of this package are vulnerable to Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') through the sitemap_tree_for_homepage and sitemap_from_str functions when parsing attacker-controlled XML content without restrictions on DTD declarations or recursive entity references. An attacker can cause unbounded CPU and memory consumption by supplying a malicious XML payload with deeply nested entity expansions.