Issue: [B411:blacklist] Using Fault to parse untrusted XML data is known to be vulnerable to XML attacks. Use defused.xmlrpc.monkey_patch() function to monkey-patch xmlrpclib and mitigate XML vulnerabilities.
Severity: High Confidence: High
90 from SimpleXMLRPCServer import SimpleXMLRPCRequestHandler, SimpleXMLRPCServer
91 from xmlrpclib import Fault, ProtocolError, ServerProxy, Transport
92 from urllib2 import urlopen, URLError
Created glances tracking bugs for this issue:
Affects: epel-all [bug 1963987]
Affects: fedora-all [bug 1963986]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.