VYPR

hackage package

xml-conduit

pkg:hackage/xml-conduit

Vulnerabilities (1)

  • CVE-2021-4249Dec 18, 2022
    affected >= 0.5.0, < 1.9.1.0fixed 1.9.1.0

    A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to laun