Haskell Xml Conduit
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Haskell Xml Conduit.
By the Year
In 2026 there have been 0 vulnerabilities in Haskell Xml Conduit. Xml Conduit did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 7.50 |
It may take a day or so for new Xml Conduit vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Haskell Xml Conduit Security Vulnerabilities
xml-conduit 1.9.1.0: Remote Infinite Loop via DOCTYPE Entity Expansion
CVE-2021-4249
7.5 - High
- December 18, 2022
A vulnerability was found in xml-conduit. It has been classified as problematic. Affected is an unknown function of the file xml-conduit/src/Text/XML/Stream/Parse.hs of the component DOCTYPE Entity Expansion Handler. The manipulation leads to infinite loop. It is possible to launch the attack remotely. Upgrading to version 1.9.1.0 is able to address this issue. The name of the patch is 4be1021791dcdee8b164d239433a2043dc0939ea. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216204.
Improper Resource Shutdown or Release
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Haskell Xml Conduit or by Haskell? Click the Watch button to subscribe.
