CVE-2019-12415: XML processing vulnerability in Apache POI
Nov 3 · 3 min read
Apache POI is a popular Java library for working with Microsoft documents. For example, it allows you reading and writing Microsoft Excel files using Java. When I was recently looking into the library, I noticed a little vulnerability which then became CVE-2019–12415. The issue has been fixed in POI 4.1.1. Below are the details.


