High severityNVD Advisory· Published Sep 7, 2022· Updated Aug 3, 2024
CVE-2022-37189
CVE-2022-37189
Description
DDMAL MEI2Volpiano 0.8.2 is vulnerable to XML External Entity (XXE), leading to a Denial of Service. This occurs due to the usage of the unsafe 'xml.etree' library to parse untrusted XML input.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mei2volpianoPyPI | <= 0.8.2 | — |
Affected products
2- DDMAL/MEI2Volpianodescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-6xm7-3cc5-47f9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-37189ghsaADVISORY
- docs.python.org/3/library/xml.htmlghsax_refsource_MISCWEB
- github.com/DDMAL/MEI2Volpiano/blob/987b70fff991235e682405f901388af0f414eaa8/mei2volpiano/mei2volpiano.pyghsax_refsource_MISCWEB
- pyup.io/vulnerabilities/CVE-2022-37189/50928ghsaWEB
- pyup.io/vulnerabilities/CVE-2022-37189/50928/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.