Hex (Elixir) package
sweet_xml
pkg:hex/sweet_xml
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-15160 | — | < 0.7.0 | 0.7.0 | Aug 19, 2019 | The SweetXml (aka sweet_xml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD. |
- CVE-2019-15160Aug 19, 2019affected < 0.7.0fixed 0.7.0
The SweetXml (aka sweet_xml) package through 0.6.6 for Erlang and Elixir allows attackers to cause a denial of service (resource consumption) via an XML entity expansion attack with an inline DTD.