Critical severity9.1NVD Advisory· Published Oct 31, 2021· Updated Jun 17, 2026
CVE-2020-26705
CVE-2020-26705
Description
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity (XXE) vulnerability which allows for an attacker to expose sensitive data or perform a denial of service (DOS) via a crafted external entity entered into the XML content as input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
easy-xmlPyPI | <= 0.5.0 | — |
Affected products
2- Easy-XML/Easy-XMLdescription
Patches
Vulnerability mechanics
References
4- github.com/darkfoxprime/python-easy_xml/issues/1nvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-v899-28g4-qmh8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-26705ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/easy-xml/PYSEC-2021-388.yamlghsaWEB
News mentions
0No linked articles in our index yet.