hackage package
xml-conduit
pkg:hackage/xml-conduit
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-4249 | — | >= 0.5.0, < 1.9.1.0 | 1.9.1.0 | Dec 18, 2022 | A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to laun |
- CVE-2021-4249Dec 18, 2022affected >= 0.5.0, < 1.9.1.0fixed 1.9.1.0
A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to laun