CVE-2021-25951: XML2Dict XML Entity Expansion Vulnerability

(updated )

XXE vulnerability in ‘XML2Dict’ version 0.2.2 allows an attacker to cause a denial of service. The parse function does not properly restrict recursive entity references.

References

Detect and mitigate CVE-2021-25951 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →