maven›org.apache.karaf.specs/org.apache.karaf.specs.java.xml›CVE-2018-117889.8 CRITICALImproper Restriction of XML External Entity ReferenceA user can inject external XML entities in Apache Karaf.