Cargo/Xml-Rs | GitLab Advisory Database

xml-rs vulnerable to denial of service via invalid token in XML document

The xml-rs crate >= 0.8.9 and < 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid <! token (such as <!DOCTYPEs/%<!A nesting) in an XML document.

Advisories for Cargo/Xml-Rs package