EPSS
Percentile
41.5%
org.apache.karaf.util is vulnerable to XML External Entities (XXE) attacks. The vulnerability exists due to the lack of default restriction of XML entities, allowing XXE attacks.
github.com/apache/karaf/commit/0c36c50bc158739c8fc8543122a6740c54adafca
github.com/apache/karaf/pull/611