VYPR

Xml2rfc

by Ietf Tools

pypi: xml2rfc

Source repositories

CVEs (2)

  • CVE-2025-11059higSep 10, 2025
    risk 0.39cvss epss 0.00

    ### Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the prepped RFCXML. ### Workarounds Test untrusted input with `link` elements with `rel="attachment"` before…

  • CVE-2025-11058higAug 26, 2025
    risk 0.39cvss epss 0.00

    ### Impact When generating PDF files, this vulnerability allows an attacker to read arbitrary files from the filesystem by injecting malicious link element into the XML. ### Workarounds Test untrusted input with `link` elements with `rel="attachment"` before processing. ###…