Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: CVE Request: libxml2 external parsed entities issue
From: Nicolas Grégoire <nicolas.gregoire () agarri fr>
Date: Tue, 29 Oct 2013 08:53:08 +0100


libxml has an API to disable external entity expansion.

Are you talking about using xmlSetExternalEntityLoader()?

It works, but changing the libxml default behavior to not being
vulnerable to XXE seems a good idea.

Cheers,
Nicolas


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault