Vulnerabilities (CVE)

Filtered by vendor Osgeo Subscribe
Filtered by product Pywps
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-39371 2 Debian, Osgeo 3 Debian Linux, Owslib, Pywps 2024-11-21 5.0 MEDIUM 7.5 HIGH
An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected.