CVE 2021-39239
A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server.
See the 
CVE page on Mitre.org
for more details.
