Launchpad.net

CVE 2017-1000061

xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted input documents, resulting in possible information disclosure or denial of service

See the CVE page on Mitre.org for more details.

References