3 matches found
adderlib (=1.0.0), checkdmarc (>=5.6.0 <=5.6.1) +4 more potentially affected by CVE-2021-25951 via xml2dict (=0.2.2)
xml2dict PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on xml2dict and may be impacted: - adderlib =1.0.0 - checkdmarc =5.6.0, =0.4.0, =0.0.7, =0.0.8 Source cves: CVE-2021-25951 Source advisory: OSV:GHSA-GP6M-VQHM-5CM5...
adderlib (=1.0.0), checkdmarc (>=5.6.0 <=5.6.1) +4 more potentially affected by CVE-2021-25951 via xml2dict (=0.2.2)
xml2dict PYPI version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on xml2dict and may be impacted: - adderlib =1.0.0 - checkdmarc =5.6.0, =0.4.0, =0.0.7, =0.0.8 Source cves: CVE-2021-25951 Source advisory: OSV:PYSEC-2021-349...
CVE-2021-25951
CVE-2021-25951 concerns the open-source Python library XML2Dict (version 0.2.2) and is tied to an XXE vulnerability. The connected sources specify that the vulnerability arises from the parse function not properly restricting recursive entity references, enabling a denial-of-service condition. Th...