A flaw was found in dozer's reflection-based approach to type conversion which may allow an attacker to execute code remotely under special circumstances. [UPSTREAM BUG] https://github.com/DozerMapper/dozer/issues/217
Created dozer tracking bugs for this issue: Affects: fedora-all [bug 1530817]