Apache POI in versions prior to release 3.15 allows remote malicious users to cause a denial of service (CPU consumption) via a specially crafted OOXML file, aka an XML Entity Expansion (XEE) attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache poi |