It was discovered that Apache Tika incorrectly handled XML external entities when parsing XFA content in PDF files. An attacker could possibly use this issue to obtain sensitive information or send malicious requests to internal resources or third-party servers.
Apache HTTP Server 2.4.x
Exploit
Ubuntu Security
Apply vendor security patch