Lxml is protected against billion laughs attacks and doesn’t do network lookups by default. libxml2 and lxml are not directly vulnerable to gzip decompression bombs but they don’t protect you against them either. xml.etree doesn’t expand entities and raises a ParserError when an entity occurs. minidom doesn’t expand entities and simply returns the unexpanded entity verbatim. genshi.input of genshi