AI Score
Confidence
High
EPSS
Percentile
68.2%
The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call.
svg2rlg
github.com/deeplook/svglib/commit/35686a130ed260c71a382a8f83d41fd31a46704d
github.com/deeplook/svglib/issues/229
nvd.nist.gov/vuln/detail/CVE-2020-10799