Affected versions of this package are vulnerable to Uncontrolled Resource Consumption when parsing an XML that has many <s in an attribute value. An attacker can cause a denial of service by exploiting this behavior.
Workaround
This vulnerability can be mitigated by not parsing untrusted XMLs.