The AWS Java SDK was vulnerable to XML external entity (XXE) injection related to XML parsers.
Tue, Oct 10th, 2017