CVE-2021-4249
CVE-2021-4249 affects the Haskell library xml-conduit. The issue lies in the DOCTYPE Entity Expansion Handler within xml-conduit/src/Text/XML/Stream/Parse.hs, where manipulation can cause an infinite loop. It is possible to trigger the issue remotely. Public details consistently recommend upgradi...