GHSA-32r8-54hf-c9p3
Suggest an improvement- Source
- https://github.com/advisories/GHSA-32r8-54hf-c9p3
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/12/GHSA-32r8-54hf-c9p3/GHSA-32r8-54hf-c9p3.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-32r8-54hf-c9p3
- Aliases
-
- CVE-2024-46455
- GO-2024-3315
- Published
- 2024-12-09T21:31:02Z
- Modified
- 2024-12-10T21:57:04.563323Z
- Severity
-
- 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
- Summary
- unstructured XML External Entity (XXE)
- Details
-
unstructured v.0.14.2 and before is vulnerable to XML External Entity (XXE) via the XMLParser.
- Database specific
{ "nvd_published_at": "2024-12-09T21:15:08Z", "github_reviewed_at": "2024-12-09T22:40:50Z", "cwe_ids": [ "CWE-611" ], "severity": "MODERATE", "github_reviewed": true }- References
-
- https://nvd.nist.gov/vuln/detail/CVE-2024-46455
- https://github.com/Unstructured-IO/unstructured/pull/3088
- https://github.com/Unstructured-IO/unstructured/commit/171b5df09fc3346aba8ce91c04de5b3e094a86bd
- https://binarysouljour.me/cve-2024-46455
- https://github.com/Unstructured-IO/unstructured
- https://www.tenable.com/cve/CVE-2024-46455
Affected packages
PyPI / unstructured
Package
- Name
- unstructured
- View open source insights on deps.dev
- Purl
- pkg:pypi/unstructured
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.14.3
Affected versions
0.*
0.0.1.dev0
0.2.0
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6.dev1
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.4.0
0.4.1
0.4.2
0.4.3
0.4.4
0.4.6
0.4.7
0.4.8
0.4.9
0.4.10
0.4.11
0.4.12
0.4.13
0.4.14
0.4.15
0.4.16
0.5.0
0.5.1
0.5.2
0.5.3
0.5.4
0.5.6
0.5.7
0.5.8
0.5.9
0.5.10
0.5.11
0.5.12
0.5.13
0.6.0
0.6.1
0.6.2
0.6.3
0.6.4
0.6.5
0.6.6
0.6.7
0.6.8
0.6.9
0.6.10
0.6.11
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.7.5
0.7.6
0.7.7
0.7.8
0.7.9
0.7.10
0.7.11
0.7.12
0.8.0
0.8.1
0.8.3
0.8.4
0.8.5
0.8.6
0.8.7
0.8.8
0.9.0
0.9.1
0.9.2
0.9.3
0.10.0
0.10.1
0.10.2
0.10.4
0.10.5
0.10.6
0.10.7
0.10.8
0.10.9
0.10.10
0.10.11
0.10.12
0.10.13
0.10.14
0.10.15
0.10.16
0.10.18
0.10.19.dev18
0.10.19
0.10.20
0.10.21
0.10.22
0.10.23
0.10.24
0.10.25
0.10.26
0.10.27
0.10.28
0.10.29
0.10.30
0.11.0
0.11.1
0.11.2
0.11.4
0.11.5
0.11.6
0.11.7
0.11.8
0.12.0
0.12.2
0.12.3
0.12.4
0.12.5
0.12.6
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.14.0
0.14.2.dev1
0.14.2