CVE-2021-47621 Information

Description

ClassGraph before 4.8.112 was not resistant to XML eXternal Entity (XXE) attacks.

Reference

https://github.com/classgraph/classgraph/releases/tag/classgraph-4.8.112 https://github.com/classgraph/classgraph/commit/681362ad6b0b9d9abaffb2e07099ce54d7a41fa3 https://github.com/classgraph/classgraph/pull/539 https://docs.r3.com/en/platform/corda/4.8/enterprise/release-notes-enterprise.html