* An attacker can exhaust additional resources on the machine, e.g. with
requests to a service that doesn't respond or responds with very large
+* An attacker may gain knowledge, when, how often and from which IP address
+ a XML document is accessed.
* An attacker could send mail from inside your network if the URL handler
supports ``smtp://`` URIs.
+ Unrestricted entity expansion induces DoS vulnerabilities in Python XML
+ External entity expansion in Python XML libraries inflicts potential
+ security flaws and DoS vulnerabilities