None · Openpyxl · CVE-2017-5992
**Name of the Vulnerable Software and Affected Versions**
Openpyxl versions prior to 2.4.1
**Description**
The issue allows remote attackers to conduct XXE attacks via a crafted .xlsx document, as Openpyxl resolves external entities by default.
**Recommendations**
For versions prior to 2.4.1, update to version 2.4.1 or later to resolve the issue.