mirror of
https://github.com/asterisk/asterisk.git
synced 2026-07-09 07:57:05 -07:00
640677c9d8
The xmlReadFile XML_PARSE_NOENT flag, which allows parsing of external entities, could allow a potential XXE injection attack. Replacing it with XML_PARSE_NONET, which prevents network access, is safer. Resolves: #GHSA-85x7-54wr-vh42
14 KiB
14 KiB