
R3Dw0Lfsec

Rank #17199 of 53,632 · Total CVSS 15.6
Vulnerabilities · 2 (Medium: 1, Critical: 1)
PT-2026-48844 · CVSS 6.5 · 2026-06-12
Apache · Apache Cxf · CVE-2026-49875

**Name of the Vulnerable Software and Affected Versions**
Apache CXF versions prior to 4.2.2
Apache CXF versions prior to 4.1.7

**Description**
The `EndpointReferenceUtils` and `W3CMultiSchemaFactory` classes construct a `SAXParserFactory` without the required JAXP hardening configurations. This allows out-of-band (OOB) external entity resolution, in which an XML parser is tricked into fetching external resources through external entities.

**Recommendations**
Upgrade to version 4.2.2.
Upgrade to version 4.1.7.
PT-2026-46269 · CVSS 9.1 · 2026-06-04
Unknown · Fory Fory-Core Java Sdk · CVE-2026-50076

**Name of the Vulnerable Software and Affected Versions**
Apache Fory fory-core versions prior to 1.1.0

**Description**
Deserialization of untrusted data in the Java replace-resolve path on Java/JVM platforms allows a remote attacker to bypass the class registration, TypeChecker, and DisallowedList checks. Using crafted Fory serialized data, an attacker can invoke `readResolve()` and `readExternal()` hooks present on the classpath.

**Recommendations**
Upgrade to version 1.1.0 or later.