Oracle: >> Banking Virtual Account Management >> 14.2 Security Vulnerabilities
Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.
CVSS Score
9.8
EPSS Score
0.078
Published
2019-04-17