ClassGraph before 4.8.112 was not resistant to XML eXternal Entity (XXE) attacks.

MISC:https://docs.r3.com/en/platform/corda/4.8/enterprise/release-notes-enterprise.html | MISC:https://github.com/classgraph/classgraph/commit/681362ad6b0b9d9abaffb2e07099ce54d7a41fa3 | MISC:https://github.com/classgraph/classgraph/pull/539 | MISC:https://github.com/classgraph/classgraph/releases/tag/classgraph-4.8.112