Hacker News
by laech 999 days ago
Years ago when parsing XML in Java, to my surprise at the time, the parser by default would try to resolve external DTDs while parsing. Ouch, what a way to let someone DDoS your system.

Unfortunately YAML was even worse in that regard, as it allowed arbitrary code execution as seen in recent CVEs...
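
An added example, not part of the comment above: it shows the JDK's built-in JAXP parser asking for an external DTD under default settings, next to a hardened factory that rejects any DOCTYPE. The class name, the sample document and the `dtd.example.invalid` host are constructed for illustration, and the `setAttribute` calls assume the JDK's bundled parser (JAXP 1.5 or later) rather than a third-party Xerces on the classpath.

```java
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

public class DtdResolutionDemo {
    // Constructed sample: the DOCTYPE names an external DTD on a placeholder host that is never contacted.
    static final String XML =
        "<?xml version=\"1.0\"?>\n"
        + "<!DOCTYPE note SYSTEM \"http://dtd.example.invalid/note.dtd\">\n"
        + "<note>hello</note>";

    // Default factory settings; the resolver records what the parser asks for instead of fetching it.
    static List<String> externalIdsRequestedByDefault() throws Exception {
        List<String> requested = new ArrayList<>();
        DocumentBuilder b = DocumentBuilderFactory.newInstance().newDocumentBuilder();
        b.setEntityResolver((publicId, systemId) -> {
            requested.add(systemId);
            return new InputSource(new StringReader("")); // empty DTD, no network I/O
        });
        b.parse(new InputSource(new StringReader(XML)));
        return requested;
    }

    // Hardened factory: a DOCTYPE is a fatal error, so no external DTD is ever looked up.
    static DocumentBuilderFactory hardenedFactory() throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_DTD, "");    // no protocols allowed
        f.setAttribute(XMLConstants.ACCESS_EXTERNAL_SCHEMA, ""); // no protocols allowed
        f.setExpandEntityReferences(false);
        return f;
    }

    public static void main(String[] args) throws Exception {
        System.out.println("default parser asked for: " + externalIdsRequestedByDefault());
        try {
            hardenedFactory().newDocumentBuilder().parse(new InputSource(new StringReader(XML)));
            System.out.println("hardened parser accepted the document (unexpected)");
        } catch (SAXException e) {
            System.out.println("hardened parser rejected DOCTYPE: " + e.getMessage());
        }
    }
}
```

If the input format legitimately needs a DOCTYPE, keep the `ACCESS_EXTERNAL_*` restrictions and drop only `disallow-doctype-decl`, so the declaration is parsed but nothing external is fetched.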