OR
     *cpe:2.3:a:github:owslib:0.24.1:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:osgeo:owslib:0.24.1:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:github:owslib:0.24.1:*:*:*:*:*:*:*
     *cpe:2.3:a:osgeo:pywps:*:*:*:*:*:*:*:* versions up to (excluding) 4.5.5

OR
     *cpe:2.3:a:github:owslib:0.24.1:*:*:*:*:*:*:*
     *cpe:2.3:a:osgeo:pywps:*:*:*:*:*:*:*:* versions up to (excluding) 4.4.5

OR
     *cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR
     *cpe:2.3:a:github:owslib:0.24.1:*:*:*:*:*:*:*
     *cpe:2.3:a:osgeo:pywps:*:*:*:*:*:*:*:* versions up to (excluding) 4.5.0

OR
     *cpe:2.3:a:github:owslib:0.24.1:*:*:*:*:*:*:*
     *cpe:2.3:a:osgeo:pywps:*:*:*:*:*:*:*:* versions up to (excluding) 4.5.5

https://lists.debian.org/debian-lts-announce/2021/09/msg00001.html No Types Assigned

https://lists.debian.org/debian-lts-announce/2021/09/msg00001.html Mailing List, Third Party Advisory

An XML external entity (XXE) injection in PyWPS before 4.5.0 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected.

An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application server filesystem by assigning a path to the entity. OWSLib 0.24.1 may also be affected.

https://lists.debian.org/debian-lts-announce/2021/09/msg00001.html [No Types Assigned]

OR
     *cpe:2.3:a:github:owslib:0.24.1:*:*:*:*:*:*:*
     *cpe:2.3:a:osgeo:pywps:*:*:*:*:*:*:*:* versions up to (excluding) 4.5.0

NIST (AV:N/AC:L/Au:N/C:P/I:N/A:N)

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

NIST CWE-611

https://github.com/geopython/OWSLib/issues/790 No Types Assigned

https://github.com/geopython/OWSLib/issues/790 Issue Tracking, Patch, Third Party Advisory

https://github.com/geopython/pywps/pull/616 No Types Assigned

https://github.com/geopython/pywps/pull/616 Patch, Third Party Advisory