CVE-2023-41034
The CVE-2023-41034 issue affects Eclipse Leshan: DDFFileParser, DefaultDDFFileValidator (and ObjectLoader) are vulnerable to XXE Attacks when parsing untrusted DDF files. The root cause is exposure to XML External Entities. Remediation is to upgrade to fixed versions 1.5.0 or 2.0.0-M13; upgrades ...