PyPI package
ebookmeta
pkg:pypi/ebookmeta
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-37388 | — | < 1.2.8 | 1.2.8 | Jun 7, 2024 | An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. | ||
| CVE-2024-36827 | — | < 1.2.8 | 1.2.8 | Jun 7, 2024 | An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of ebookmeta before v1.2.8 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input. |
- CVE-2024-37388Jun 7, 2024affected < 1.2.8fixed 1.2.8
An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of lxml before v4.9.1 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input.
- CVE-2024-36827Jun 7, 2024affected < 1.2.8fixed 1.2.8
An XML External Entity (XXE) vulnerability in the ebookmeta.get_metadata function of ebookmeta before v1.2.8 allows attackers to access sensitive information or cause a Denial of Service (DoS) via crafted XML input.