Python Docx
1 CVEs
product
Monthly
python-docx before 0.8.6 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted document. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Python
XXE
Python Docx
NVD
GitHub
CVSS 3.1
8.8
EPSS
0.9%
CVE-2016-5851
PyPI
EPSS 1%
CVSS 8.8
HIGH
PATCH
This Week
python-docx before 0.8.6 allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted document. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Python
XXE
Python Docx
NVD
GitHub