Lucene search

4 matches found

GitHub Security Blog
added yesterday, 13 views

Docling: Unsafe XML Entity Expansion in USPTO Patent Backend

Impact: The USPTO patent XML parser used the standard xml.sax.parseString without protection against XML External Entity (XXE) attacks. An attacker could craft malicious USPTO patent XML files with external entity references that could: - Read arbitrary files from the server filesystem - Perform...

6 AI score
Exploits: 0, References: 3, Affected Software: 1
Positive Technologies
added yesterday, 5 views

PT-2026-46121

Name of the Vulnerable Software and Affected Versions: Docling versions prior to 2.74.0. Description: The USPTO patent XML parser uses the xml.sax.parseString function without protection against XML External Entity (XXE) attacks. This allows an attacker to use malicious XML files with external entity...

7.5 CVSS, 5.9 AI score
Exploits: 0, References: 5
SUSE Linux
added 2025/10/28 7:26 a.m., 2 views

Security update 4.3.16.1 SUSE Manager Server and Proxy 4.3 LTS

Description: This update fixes the following issues: susemanager-build-keys: Update SUSE GPG key and make it available for Salt bsc1250911; susemanager-tftpsync-recv: Version 4.3.11-0 with security fix: CVE-2025-53880: Sanitize path in sync-proxy script bsc1246277; rhnlib: Version 4.3.7-0: Use more...

8.8 CVSS, 7.1 AI score, 0.00466 EPSS
Exploits: 0, References: 14
OSV
added 2024/09/13 12:29 p.m., 6 views

RHSA-2017:0938 Red Hat Security Advisory: python-defusedxml and python-pysaml2 security update

Bulletin has no description...

5.3 CVSS, 7.5 AI score, 0.00968 EPSS
Exploits: 0, References: 7