pypi›svglib›CVE-2020-107999.8 CRITICALImproper Restriction of XML External Entity ReferenceThe svglib package for Python allows XXE attacks via an svg2rlg call.