CVE-2025-23195 | Apache Ambari up to 2.7.8 DocumentBuilderFactory xml external entity reference

CVE-2025-23195 | Apache Ambari up to 2.7.8 DocumentBuilderFactory xml external entity reference

A vulnerability was found in Apache Ambari up to 2.7.8 and classified as problematic. Affected by this issue is the function DocumentBuilderFactory. The manipulation leads to xml external entity reference. This vulnerability is handled as CVE-2025-23195. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.