Fix: Unsafe XML Processing Could Expose Sensitive Data in manim/mobject/svg/svg_mobject.py

[kira-offgrid]

Context and Purpose:

This PR automatically remediates a security vulnerability:

• Description: The native Python xml library is vulnerable to XML External Entity (XXE) attacks. These attacks can leak confidential data and "XML bombs" can cause denial of service. Do not use this library to parse untrusted input. Instead the Python documentation recommends using defusedxml.
• Rule ID: python.lang.security.use-defused-xml-parse.use-defused-xml-parse
• Severity: MEDIUM
• File: manim/mobject/svg/svg_mobject.py
• Lines Affected: 193 - 193

This change is necessary to protect the application from potential security risks associated with this vulnerability.

Solution Implemented:

The automated remediation process has applied the necessary changes to the affected code in manim/mobject/svg/svg_mobject.py to resolve the identified issue.

Please review the changes to ensure they are correct and integrate as expected.

[behackl]

The status about defusedxml appears to have changed, it no longer occurs as a recommendation in the Python documentation. Moreover, the attack vector seems a bit constructed. Closing as not relevant.