netvl/xml-rs

Releases46

Frequency2 months 3 weeks

Last Release about 1 month ago

Stars470

An XML library in Rust

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-34411 ↗	Jun 5, 2023Monday, 5 June 2023, 04:15	7.5 HIGH	—
The xml-rs crate before 0.8.14 for Rust and Crab allows a denial of service (panic) via an invalid <! token (such as <!DOCTYPEs/%<!A nesting) in an XML document. The earliest affected version is 0.8.9.