{"schema_version": "1.6.1", "id": "CVE-2021-39239", "summary": "XML External Entity (XXE) vulnerability", "details": "A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "unspecified"}, {"fixed": "4.1.0"}]}]}], "references": [{"type": "ADVISORY", "url": "https://lists.apache.org/thread.html/rf44d529c54ef1d0097e813f576a0823a727e1669a9f610d3221d493d%40%3Cusers.jena.apache.org%3E"}]}