Closed MichaelDaum closed 8 months ago
Fixed in latest release
CVE identifier has been requested
Reopening this issue to add the CVE id to the changelogs once available
CVE-2024-23525 has been assigned.
CVE now is properly documented in 0.31
Thank you for your fast responses and hard work !!!
Don't allow external entities by default. Reported by @phvietan.
see https://gist.github.com/phvietan/d1c95a88ab6e17047b0248d6bf9eac4a