https://bugzilla.redhat.com/show_bug.cgi?id=1340386
Pavel Polischouk <pavelp(a)redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Doc Type|If docs needed, set a value |Bug Fix
--- Doc Text *updated* ---
It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache
Tika would expand entity references. A remote, unauthenticated attacker could use this
flaw to read files accessible to the user running the application server, and potentially
perform other more advanced XXE attacks.
--
You are receiving this mail because:
You are on the CC list for the bug.