Workflow

PyPi: Py-Serializable

PVE-2023-53541

Safety vulnerability ID: 53541

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 03, 2023 Updated at Oct 01, 2024

Advisory

Py-serializable 0.11.1 uses defusedxml to prevent XXE attacks. https://github.com/madpah…

[This advisory has been limited. Please create a free account to view the full advisory.]

Affected package

py-serializable

Latest version: 1.1.2

Library for serializing and deserializing Python Objects to and from JSON and XML.

Affected versions

Fixed versions

Vulnerability changelog

Fix * Use `defusedxml` whenever we load XML to prevent XEE attacks ([`ae3d76c`](https://g…

[This text has been limited. Please create a free account to view the full text.]

Resources