CVE-2022-37189

Improper Restriction of XML External Entity Reference in pypi/mei2volpiano

Identifiers

CVE-2022-37189

Package Slug

pypi/mei2volpiano

Vulnerability

Improper Restriction of XML External Entity Reference

Description

DDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), leading to a Denial of Service. This occurs due to the usage of the unsafe 'xml.etree' library to parse untrusted XML input.

Affected Versions

All versions up to 0.8.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-09-12

source