Headline
GHSA-j6v2-mwxm-f952: py-xml XML External Entity Injection vulnerability
py-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.
py-xml XML External Entity Injection vulnerability
Moderate severity GitHub Reviewed Published Jun 29, 2023 to the GitHub Advisory Database • Updated Jun 30, 2023
Related news
CVE-2020-26709: XML External Entity (XXE) · Issue #2 · PinaeOS/py-xml
py-xml v1.0 was discovered to contain an XML External Entity Injection (XXE) vulnerability which allows attackers to execute arbitrary code via a crafted XML file.