3 matches found
XML External Entity (XXE)
python3.9 is vulnerable to XML External Entity XXE. This vulnerability exists due to a flaw in the way the plistlib module parses certain XML plist files. An attacker can exploit this vulnerability by sending a specially crafted plist file that references an external entity, which could allow the...
SUSE CVE-2022-48565
An XML External Entity XXE issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities...
DEBIAN-CVE-2022-48565
An XML External Entity XXE issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities...