CVE-2018-11796: Improper Restriction of XML External Entity Reference
(updated )
Tika reuses SAXParsers and calls reset()
after each parse; the parser ignores entity expansion limits after the first parse.
References
Detect and mitigate CVE-2018-11796 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →