EPSS
Percentile
76.0%
openpyxl is vulnerable to XML external entity. The vulnerability is possible because it adopts lxml which by default does resolve external entities.
seclists.org/oss-sec/2017/q1/335
bitbucket.org/openpyxl/openpyxl/issues/749/xxe-vulnerability-when-loading-workbook