Safety vulnerability ID: 54282
The information on this page was manually curated by our Cybersecurity Intelligence Team.
CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads to the inclusion of arbitrary (local) file content into the generated output document. An attacker can exploit this to disclose information from the system running the converter.
Latest version: 1.0.0
Converts CVRF XML documents to CSAF JSON documents
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application