dwww: tpablo.net
Description: XML bomb protection for Python stdlib modules (for Python 3)
The results of an attack on a vulnerable XML library can be fairly dramatic.
With just a few hundred bytes of XML data an attacker can occupy several
gigabytes of memory within seconds. An attacker can also keep
CPUs busy for a long time with a small to medium size request.
This library allows for XML to be parsed in a manner that avoids these
pitfalls.
This package contains the module for the Python 3 interpreter.
Homepage: https://github.com/tiran/defusedxml
copyright | Debian changelog
Other documents: