Guard against external entity resolving in OData Atom Feed ---------------------------------------------------------- Key: TEIID-2927 URL: https://issues.jboss.org/browse/TEIID-2927 Project: Teiid Issue Type: Bug Security Level: Public(Everyone can see) Components: OData, Query Engine Affects Versions: 7.7, 8.4 Reporter: Van Halbert Assignee: Van Halbert Priority: Critical Fix For: 8.7.1 OData4j is responsible for parsing the Atom feed. StaxXMLFactoryProvider2 simply creates XMLInputFactories without any options, thus they will perform external entity resolving by default. An issue will need to be opened against OData4j.