owslib is vulnerable to XML External Entity (XXE). The vulnerability is due to allowing lxml
entity resolution, which allows an attacker to read arbitrary files by parsing a crafted XML document.
github.com/advisories/GHSA-8h9c-r582-mggc
github.com/geopython/OWSLib/commit/b0c687544ddc213d8dcd4a056139b63451938b21
github.com/geopython/OWSLib/pull/863
github.com/geopython/OWSLib/pull/863/commits/b92687702be9576c0681bb11cad21eb631b9122f
github.com/geopython/OWSLib/releases/tag/0.28.1
github.com/geopython/OWSLib/security/advisories/GHSA-8h9c-r582-mggc
lists.debian.org/debian-lts-announce/2023/06/msg00032.html
securitylab.github.com/advisories/GHSL-2022-131_owslib/
www.debian.org/security/2023/dsa-5426