CVE-2025-68463

A flaw was found in python-biopython. The Bio.Entrez module is vulnerable to an XML External Entity XXE attack when processing untrusted XML data. A remote attacker could exploit this vulnerability to disclose sensitive information from the system or potentially cause a denial of service DoS by...

EUVD-2025-204037

Biopython is vulnerable to doctype XML external entity XXE injection through Bio.Entrez...

CVE-2025-68463

Bio.Entrez in Biopython through 186 allows doctype XXE...

CVE-2025-68463

Bio.Entrez in Biopython through 186 allows doctype XXE...

CVE-2025-68463

Bio.Entrez in Biopython through 186 allows doctype XXE...

UBUNTU-CVE-2025-68463

Bio.Entrez in Biopython through 186 allows doctype XXE...

CVE-2025-68463

Bio.Entrez in Biopython through 186 allows doctype XXE...

CVE-2025-68463

Bio.Entrez in Biopython through 186 allows doctype XXE...

CVE-2025-68463

Biopython (Bio.Entrez) up to version 1.86 is affected by CVE-2025-68463, an XML external entity (XXE) vulnerability in Bio.Entrez that can arise from processing untrusted Doctype declarations. Affected component/file: Bio.Entrez in Biopython; root cause: improper handling of external entities lea...

PT-2025-51994

Name of the Vulnerable Software and Affected Versions Biopython versions prior to 1.87 Description Bio.Entrez in Biopython allows doctype XML External Entity XXE, which is a technique where an XML parser is tricked into processing external entities within a document type definition, potentially...