Security Advisory Description
In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. (CVE-2023-28484)
Impact
This vulnerability allows a remote, authenticated (unauthenticated in the case of Traffix) attacker to cause a segmentation fault that can lead to a denial-of-service (DoS) on the affected F5 products.