7Haz
CVE-2024-37388 | lxml up to 4.9.0 XML ebookmeta.get_metadata xml external entity reference (Issue 16)
A vulnerability, which was classified as problematic, was found in lxml up to 4.9.0. Affected is the functionebookmeta.get_metadata
of the component XML Handler. The manipulation leads to xml external entity reference.
This vulnerability is traded as CVE-2024-37388. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.