15 matches found
EUVD-2020-0079
Malware in sbrugna...
CVE-2020-5227
Feedgen python feedgen before 0.9.0 is susceptible to XML Denial of Service attacks. The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of...
Fedora 31 : python-feedgen (2020-8493201e90)
New upstream version 0.9.0 fixes CVE-2020-5227 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...
XML Entity Expansion
feedgen is vulnerable to XML entity expansion. The library allows parsing of XML content into the existing XML tree, which would allow an attacker to perform an XML bomb attack, resulting in excessive resource consumption and leading to an application crash...
CVE-2020-5227
Feedgen python feedgen before 0.9.0 is susceptible to XML Denial of Service attacks. The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of...
CVE-2020-5227
Feedgen python feedgen before 0.9.0 is susceptible to XML Denial of Service attacks. The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of...
Design/Logic Flaw
Feedgen python feedgen before 0.9.0 is susceptible to XML Denial of Service attacks. The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of...
blogger-cli (>=1.2.0 <=1.2.1), canonicalwebteam-blog (>=2.4.0 <=5.0.0) +3 more potentially affected by CVE-2020-5227 via feedgen (>=0.6.1 <=0.8.0)
feedgen PYPI version =0.6.1, =1.2.0, =2.4.0, =1.0.0.dev37, =2.0.2, =2.0.3 Source cves: CVE-2020-5227 Source advisory: OSV:PYSEC-2020-231...
PYSEC-2020-231
Feedgen python feedgen before 0.9.0 is susceptible to XML Denial of Service attacks. The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of...
PYSEC-2020-231
Feedgen python feedgen before 0.9.0 is susceptible to XML Denial of Service attacks. The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of...
CVE-2020-5227 Feedgen Vulnerable to XML Denial of Service Attacks
Feedgen python feedgen before 0.9.0 is susceptible to XML Denial of Service attacks. The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of...
CVE-2020-5227
CVE-2020-5227 affects the Python package feedgen (before version 0.9.0). The vulnerability arises when XML content is supplied to certain fields; the library parses this content into its XML tree, making it susceptible to XML Denial of Service (e.g., XML Bomb) if untrusted sources provide XML (in...
blogger-cli (>=1.2.0 <=1.2.1), canonicalwebteam-blog (>=2.4.0 <=5.0.0) +3 more potentially affected by CVE-2020-5227 via feedgen (>=0.6.1 <=0.8.0)
feedgen PYPI version =0.6.1, =1.2.0, =2.4.0, =1.0.0.dev37, =2.0.2, =2.0.3 Source cves: CVE-2020-5227 Source advisory: OSV:GHSA-G8Q7-XV52-HF9F...
Feedgen Vulnerable to XML Denial of Service Attacks
Impact: The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of Service Attacks, e.g. XML Bomb. This becomes a concern in particular if feedge...
GHSA-G8Q7-XV52-HF9F Feedgen Vulnerable to XML Denial of Service Attacks
Impact: The feedgen library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of Service Attacks, e.g. XML Bomb. This becomes a concern in particular if feedge...