CVE-2024-46455

unstructured v.0.14.2 and before is vulnerable to XML External Entity XXE via the XMLParser...

01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +81 more potentially affected by unknown CVE via unstructured (>=0.10.10 <=0.16.17)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.1.0 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-UNSTRUCTURED-9055244...

01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +57 more potentially affected by CVE-2024-46455 via unstructured (>=0.10.10 <=0.14.2)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.1.0 and more Source cves: CVE-2024-46455 Source advisory: SNYK:PYTHON-UNSTRUCTURED-8492724...

01os (>=0.0.5 <=0.0.13), airbyte-source-azure-blob-storage (>=0.3.3 <=0.6.12) +57 more potentially affected by CVE-2024-46455 via unstructured (>=0.10.10 <=0.14.2)

unstructured PYPI version =0.10.10, =0.0.5, =0.3.3, =0.3.6, =0.0.8, =0.1.5, =0.2.0, =4.5.1, =1.0.0, =0.0.1, =0.1.0, =0.0.1, =1.0.0, =1.1.0 and more Source cves: CVE-2024-46455 Source advisory: OSV:GHSA-32R8-54HF-C9P3...

CVE-2024-46455

unstructured v.0.14.2 and before is vulnerable to XML External Entity XXE via the XMLParser...

CVE-2024-46455

CVE-2024-46455 affects the Unstructured library: unstructured v0.14.2 and earlier are vulnerable to XML External Entity (XXE) via the XMLParser. Root cause is XXE processing in XMLParser, enabling an attacker to exploit XML parsing. Impact is reported as high/critical in CVSS metrics (9.8, Confid...