EUVD-2025-179209

Malicious code in easy-parse-async-xi-analyze npm...

EUVD-2023-0072

Malicious code in bioql PyPI...

CVE-2020-26710

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

GHSA-VV6Q-6HWP-VRGP easy-parse XML External Entity Injection vulnerability

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

CVE-2020-26710

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

CVE-2020-26710

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

PYSEC-2023-97

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

Xxe

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

PYSEC-2023-97

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

easy-parse 代码问题漏洞

easy-parse is a PyPI project for xml and json parsing by the individual developer Colton Willig. A security vulnerability exists in easy-parse v0.1.1, which stems from the inclusion of an XML External Entity Injection XXE vulnerability that could allow an attacker to execute arbitrary code via a...

CVE-2020-26710

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

CVE-2020-26710

easy-parse v0.1.1 was discovered to contain a XML External Entity Injection XXE vulnerability which allows attackers to execute arbitrary code via a crafted XML file...

CVE-2020-26710

CVE-2020-26710 affects the Python package easy-parse v0.1.1. Affected component: XML parsing logic that is vulnerable to XML External Entity Injection (XXE). Underlying cause: improper handling of external entities in XML processing, enabling an attacker to execute arbitrary code via a crafted XM...

PT-2023-11757 · Unknown · Easy-Parse

Name of the Vulnerable Software and Affected Versions: easy-parse version 0.1.1 Description: The issue allows attackers to execute arbitrary code via a crafted XML file, exploiting a XML External Entity Injection XXE vulnerability. Recommendations: For easy-parse version 0.1.1, update to a versio...