CVE-2022-46751
CVE-2022-46751: Apache Ivy is vulnerable to XML External Entity (XXE) or XML injection due to improper restriction of DTD processing. Affected versions: Ivy prior to 2.5.2. Root cause: parsing XML files (Ivy config, Ivy files, POMs) can download external DTDs and expand entities, enabling data ex...