CVE-2022-0839
CVE-2022-0839 affects Liquibase in liquibase/liquibase prior to 4.8.0, due to improper validation in XMLChangeLogSAXParser() that enables XML External Entity processing. This could allow a remote attacker to disclose sensitive information or perform SSRF. The documented remediation is to upgrade ...