https://bugzilla.redhat.com/show_bug.cgi?id=1340386
Pavel Polischouk pavelp@redhat.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Doc Type|If docs needed, set a value |Bug Fix
--- Doc Text *updated* --- It was found that the parsing of OOXML, XMP in PDF, and some other file formats by Apache Tika would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.