Switch branches/tags
Nothing to show
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Slackware Current Repository by Conraid


defusedxml (XML bomb protection for Python stdlib modules)

The results of an attack on a vulnerable XML library can be fairly
dramatic.  With just a few hundred Bytes of XML data an attacker can
occupy several Gigabytes of memory within seconds.  An attacker can
also keep CPUs busy for a long time with a small to medium size
request.  Under some circumstances it is even possible to access local
files on your server, to circumvent a firewall, or to abuse services
to rebound attacks to third parties.  This library allows for XML to
be parsed in a manner that avoids these pitfalls.

HOME: https://github.com/tiran/defusedxml