PT-2022-28213 · Python · Xml.Etree.Elementtree

Published: 2022-08-11 · Updated: 2022-08-11

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions: mofh, versions prior to 1.0.1
Description: mofh parses the XML responses of the MyOwnFreeHost API with the standard-library xml.etree.ElementTree module, which expands internal entities without any limit. An attacker who controls the response the client receives (a malicious or compromised API endpoint, or a custom API URL pointed at a hostile server) can therefore cause a denial of service with the Billion Laughs attack (nested entities whose expansion grows exponentially with the nesting depth) or the Quadratic blowup attack (one large entity referenced many times), exhausting the client's memory and CPU while parsing.
Recommendations: For versions prior to 1.0.1, upgrade to version 1.0.1 or later, which parses responses with the defusedxml package and refuses entity declarations before they are expanded. As a temporary workaround, call defusedxml.defuse_stdlib() before making any requests with the client, so the standard-library parsers mofh uses are replaced with their defused counterparts. Independently of that, restrict the use of custom API URLs to endpoints you trust, or ensure MyOwnFreeHost's API is secure, so that an attacker cannot supply the response in the first place.
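The following is an added illustration for this advisory, not code from mofh, defusedxml or MyOwnFreeHost. It constructs small Billion Laughs and Quadratic blowup documents, shows that the unprotected standard-library parser expands them (the sizes are kept tiny on purpose; the same document shape with a larger depth or entity size is the denial of service), and then parses with a stdlib-only guard that refuses entity declarations and external entity references before expat expands anything. The guard mirrors the idea behind defusedxml but is the editor's own code; all function and exception names (billion_laughs, quadratic_blowup, parse_defended, EntitiesForbidden, DTDForbidden, is_rejected) are assumptions chosen for this example.

```python
"""Entity-expansion DoS against xml.etree.ElementTree, and a stdlib-only guard.

Added illustration for this advisory; not code from mofh or defusedxml.
The payload generators and the guard are the editor's own and use only the
standard library. The guard follows the same idea as defusedxml: refuse any
entity declaration or external entity reference before expansion happens.
"""
import xml.parsers.expat as expat
from xml.etree import ElementTree as ET


def billion_laughs(depth: int, fanout: int) -> bytes:
    """Constructed Billion Laughs document: each entity references the previous
    one `fanout` times, so the root text expands to 3 * fanout**depth bytes
    while the document itself stays a few hundred bytes long."""
    decls = ['<!ENTITY lol0 "lol">']
    for i in range(1, depth + 1):
        refs = "".join(f"&lol{i - 1};" for _ in range(fanout))
        decls.append(f'<!ENTITY lol{i} "{refs}">')
    doctype = "<!DOCTYPE lolz [" + "".join(decls) + "]>"
    return (doctype + f"<lolz>&lol{depth};</lolz>").encode()


def quadratic_blowup(entity_size: int, references: int) -> bytes:
    """Constructed Quadratic blowup document: one entity of `entity_size` bytes
    referenced `references` times; the expansion grows as the product."""
    doctype = f'<!DOCTYPE q [<!ENTITY a "{"a" * entity_size}">]>'
    return (doctype + "<q>" + "&a;" * references + "</q>").encode()


def stdlib_expansion_length(data: bytes) -> int:
    """What the unprotected parser does: expand every entity and return the
    length of the resulting root text."""
    root = ET.fromstring(data)
    return len(root.text or "")


class EntitiesForbidden(ValueError):
    """The document declares or references an entity."""


class DTDForbidden(ValueError):
    """The document carries a DOCTYPE and forbid_dtd was requested."""


def parse_defended(data: bytes, *, forbid_dtd: bool = False) -> ET.Element:
    """Parse `data` into an Element, refusing entity declarations and external
    entity references before expat expands them. The expat parser is driven
    directly, because the C-accelerated ElementTree.XMLParser does not expose
    its expat handlers; a TreeBuilder turns the callbacks into Elements."""
    parser = expat.ParserCreate()
    builder = ET.TreeBuilder()

    def entity_decl(name, is_param, value, base, system_id, public_id, notation):
        raise EntitiesForbidden(f"entity declaration refused: {name!r}")

    def external_ref(context, base, system_id, public_id):
        raise EntitiesForbidden(f"external entity refused: {system_id!r}")

    def doctype_decl(name, system_id, public_id, has_internal_subset):
        raise DTDForbidden(f"DOCTYPE refused: {name!r}")

    # An exception raised inside an expat callback aborts the parse and
    # propagates out of Parse(), so nothing after the offending declaration
    # is ever expanded.
    parser.EntityDeclHandler = entity_decl
    parser.ExternalEntityRefHandler = external_ref
    if forbid_dtd:
        parser.StartDoctypeDeclHandler = doctype_decl
    parser.StartElementHandler = builder.start
    parser.EndElementHandler = builder.end
    parser.CharacterDataHandler = builder.data
    parser.Parse(data, True)
    return builder.close()


def is_rejected(data: bytes, **kwargs) -> bool:
    """True if the defended parser refuses the document."""
    try:
        parse_defended(data, **kwargs)
    except (EntitiesForbidden, DTDForbidden):
        return True
    return False


if __name__ == "__main__":
    lol = billion_laughs(depth=2, fanout=10)
    quad = quadratic_blowup(entity_size=50, references=20)
    print(len(lol), "byte document expands to", stdlib_expansion_length(lol))
    print(len(quad), "byte document expands to", stdlib_expansion_length(quad))
    print("defended parser rejects them:", is_rejected(lol), is_rejected(quad))
    benign = parse_defended(b"<response><status>ok</status></response>")
    print("benign API response still parses:", benign.find("status").text)
```

Raising the depth or the entity size is all it takes to turn the demonstration into the denial of service the advisory describes, which is why the guard refuses the declaration itself rather than trying to bound the output. Newer libexpat builds carry an amplification limit of their own, but it only engages on large outputs and depends on which expat the interpreter was built against, so it is not a substitute for refusing entities at the parser. The mofh 1.0.1 fix and the defuse_stdlib() workaround achieve the same end through defusedxml's own parser classes.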

Weakness Enumeration: XXE

Related Identifiers: GHSA-7R9X-QRPR-3CXW

Affected Products: Xml.Etree.Elementtree