
7 matches found

RedhatCVE
added 2025/05/22 3:29 p.m., 8 views

CVE-2020-29128

petl before 1.68, in some configurations, allows resolution of entities in an XML document...

CVSS 9.8, AI score 6.8, EPSS 0.02275
Exploits: 0
vulnersOsv
added 2020/12/02 6:28 p.m., 6 views

datatransfer-client (=2.13.0), parsons (>=0.5.0 <=0.11.1) +1 more potentially affected by CVE-2020-29128 via petl (=1.2.0)

petl PYPI version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on petl and may be impacted:
- datatransfer-client =2.13.0
- parsons =0.5.0, =0.4.0, =0.10.1
Source cves: CVE-2020-29128
Source advisory: OSV:GHSA-F5GC-P5M3-V347...

CVSS 9.8, AI score 7.2, EPSS 0.02275
Exploits: 0
OSV
added 2020/12/02 6:28 p.m., 23 views

GHSA-F5GC-P5M3-V347 XXE in petl

Impact: Information Disclosure
Summary: petl is a Python library that provides functions for extraction, transformation, and loading (ETL) of data. petl before 1.68, in some configurations, allows resolution of entities in XML input. An attacker who is able to submit XML input to an application using...

CVSS 9.8, AI score 9.2, EPSS 0.02275
Exploits: 0, References: 11
Circl
added 2020/11/26 7:48 a.m., 6 views

CVE-2020-29128

creationtimestamp | type | source
---|---|---
2020-11-26 07:48:31+00:00 | seen | https://t.me/cibsecurity/16862...

CVSS 9.8, AI score 8.7, EPSS 0.02275
Exploits: 0, References: 1
vulnersOsv
added 2020/11/26 5:15 a.m., 3 views

datatransfer-client (=2.13.0), parsons (>=0.5.0 <=0.11.1) +1 more potentially affected by CVE-2020-29128 via petl (=1.2.0)

petl PYPI version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on petl and may be impacted:
- datatransfer-client =2.13.0
- parsons =0.5.0, =0.4.0, =0.10.1
Source cves: CVE-2020-29128
Source advisory: OSV:PYSEC-2020-75...

CVSS 9.8, AI score 7.2, EPSS 0.02275
Exploits: 0
Cvelist
added 2020/11/26 5:1 a.m., 36 views

CVE-2020-29128

petl before 1.68, in some configurations, allows resolution of entities in an XML document...

AI score 9.5, EPSS 0.02275
Exploits: 0, References: 7
CVE
added 2020/11/26 5:1 a.m., 110 views

CVE-2020-29128

CVE-2020-29128 concerns the Python ETL library petl, prior to version 1.68. In some configurations, petl can resolve entities in XML input, enabling an attacker to disclose arbitrary files when the application processes attacker-supplied XML with a configured lxml backend. The issue is classified...

CVSS 9.8, AI score 9.3, EPSS 0.02275
Exploits: 0, References: 7, Affected Software: 1