initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description (CVE-2019-13990).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | quartz | <Â 2.2.1-9.1 | quartz-2.2.1-9.1.mga7 |