PT-2025-29689
Name of the Vulnerable Software and Affected Versions langchain-text-splitters version 0.3.8 Description The HTMLSectionSplitter class is susceptible to XML External Entity XXE attacks because of unsafe XSLT parsing. The class permits the use of arbitrary XSLT stylesheets, which are parsed using...