Advisories for Pypi/Pikepdf package

pikepdf before 2.10.0 allows an XXE attack against PDF XMP metadata parsing.

models/metadata.py in the pikepdf package for Python allows XXE when parsing XMP metadata entries.