PYSEC-2020-75
See a problem?- Import Source
- https://github.com/pypa/advisory-database/blob/main/vulns/petl/PYSEC-2020-75.yaml
- JSON Data
- https://api.osv.dev/v1/vulns/PYSEC-2020-75
- Aliases
- Published
- 2020-11-26T05:15:00Z
- Modified
- 2023-11-08T04:03:30.437607Z
- Summary
- [none]
- Details
-
petl before 1.68, in some configurations, allows resolution of entities in an XML document.
- References
-
- https://petl.readthedocs.io/en/stable/changes.html
- https://github.com/petl-developers/petl/pull/527
- https://github.com/petl-developers/petl/compare/v1.6.7...v1.6.8
- https://github.com/petl-developers/petl/pull/527/commits/1b0a09f08c3cdfe2e69647bd02f97c1367a5b5f8
- https://github.com/petl-developers/petl/issues/526
- https://github.com/petl-developers/petl/security/advisories/GHSA-f5gc-p5m3-v347
- https://github.com/nvn1729/advisories/blob/master/cve-2020-29128.md
- https://github.com/advisories/GHSA-69q2-p9xp-739v
Affected packages
PyPI / petl
Package
- Name
- petl
- View open source insights on deps.dev
- Purl
- pkg:pypi/petl
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.6.8
Affected versions
0.*
0.2
0.3
0.4
0.5
0.6
0.7
0.8
0.9
0.10
0.10.1
0.10.2
0.11
0.11.1
0.12
0.13
0.13.1
0.14
0.15
0.16
0.16.1
0.16.2
0.17
0.17.1
0.18
0.18.1
0.19
0.20
0.21
0.21.2
0.22
0.22.1
0.23
0.24
0.24.1
0.24.2
0.24.3
0.25
0.25.1
0.25.2
0.25.3
0.26
1.*
1.0.0-alpha1
1.0.0a2
1.0.0a3
1.0.0b1
1.0.0b2
1.0.0
1.0.1
1.0.2
1.0.3
1.0.4
1.0.5
1.0.6
1.0.7
1.0.8
1.0.9
1.0.10
1.0.11
1.1.0
1.1.1
1.2.0
1.3.0rc3
1.3.0
1.4.0
1.5.0
1.6.0
1.6.1
1.6.2
1.6.3
1.6.4
1.6.5
1.6.6
1.6.7