2 matches found
CVE-2020-26708
requests-xml v0.2.3 was discovered to contain an XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...
mydatapy (=0.1.1) potentially affected by CVE-2020-26708 via requests-xml (=0.2.3)
requests-xml PYPI version =0.2.3 is affected by a known vulnerability. The following packages have a transitive dependency on requests-xml and may be impacted: - mydatapy =0.1.1 Source cves: CVE-2020-26708 Source advisory: OSV:PYSEC-2023-96...