Lucene search
K

6413 matches found

F5 Networks
F5 Networks
•added 2014/10/02 12:0 a.m.•54 views

SOL15648 - PHP vulnerability CVE-2014-2020

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

6.8CVSS2.6AI score0.06732EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/09/05 12:0 a.m.•54 views

SOL15557 - OpenSSH vulnerability CVE-2011-4327

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

2.1CVSS2.5AI score0.00416EPSS
Exploits0References4
F5 Networks
F5 Networks
•added 2014/08/06 12:0 a.m.•54 views

SOL15480 - PHP vulnerability CVE-2012-2688

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents. SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

10CVSS2.6AI score0.10467EPSS
Exploits1References4
F5 Networks
F5 Networks
•added 2014/07/17 12:0 a.m.•54 views

SOL15388 - OpenSSL vulnerability CVE-2011-4108

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the table does not list any version in the column, then no upgrade candidate currently exists. BIG-IP 11.x To...

4.3CVSS1.1AI score0.15757EPSS
Exploits0References5
F5 Networks
F5 Networks
•added 2014/04/10 12:0 a.m.•54 views

SOL15152 - Ruby vulnerability CVE-2013-4164

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

6.8CVSS2.7AI score0.34968EPSS
Exploits3References4
F5 Networks
F5 Networks
•added 2013/03/07 12:0 a.m.•54 views

SOL14261 - OpenSSL OCSP vulnerability CVE-2013-0166

Recommended action To eliminate this vulnerability, upgrade to a version that is listed in the Versions known to be not vulnerable column in the previous table. Supplemental Information Common Vulnerabilities and Exposures CVE-2013-0166 Note: The previous link takes you to a resource outside of...

5CVSS6.6AI score0.1965EPSS
Exploits0References15
F5 Networks
F5 Networks
•added 2011/04/08 12:0 a.m.•54 views

SOL12794 - GNU C Library vulnerability CVE-2010-4052

Vulnerability description and product information. Stack consumption vulnerability in the regcomp implementation in the GNU C Library glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service. Information about this advisory is...

5CVSS7.5AI score0.51298EPSS
Exploits12
F5 Networks
F5 Networks
•added 2009/04/21 12:0 a.m.•54 views

SOL9990 - icclib vulnerabilities CVE-2009-0583 and CVE-2009-0584

Description Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library icclib. Using specially-crafted ICC profiles, an attacker could create a...

9.3CVSS8.3AI score0.04708EPSS
Exploits1
F5 Networks
F5 Networks
•added 2009/03/03 12:0 a.m.•54 views

SOL9762 - OpenSSL vulnerability - CVE-2008-5077

OpenSSL 0.9.8i and earlier versions do not properly check the return value from the EVPVerifyFinal function. Information about this advisory is available at the following locations: Note: These links take you to a resource outside of AskF5, and it is possible that the information may be removed...

7.5CVSS7.2AI score0.0686EPSS
Exploits1
F5 Networks
F5 Networks
•added 2008/09/01 12:0 a.m.•54 views

SOL9108 - Apache Tomcat Cross-site scripting (XSS) vulnerability - CVE-2008-1232

A cross-site scripting XSS vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16 allows remote attackers to inject arbitrary web script or HTML through a crafted string that is used in the message argument to the HttpServletResponse.sendError method...

4.3CVSS6.6AI score0.75865EPSS
Exploits2
F5 Networks
F5 Networks
•added 2007/12/20 12:0 a.m.•54 views

SOL8171 - Linux kernel IA32 System Call vulnerability - CVE-2007-4573

Vulnerability description This security advisory describes a vulnerability in the Linux kernel which may allow local users to gain elevated privileges using the IA32 system call emulation functionality on 64-bit platforms. Information about this advisory is available at the following location:...

7.2CVSS7.3AI score0.0082EPSS
Exploits0
F5 Networks
F5 Networks
•added 2007/03/15 12:0 a.m.•54 views

SOL7005 - Overview of MNIN/NNL-Labs Advisory

Future release Obtaining and installing hotfixes F5 recommends you apply the following hotfixes for your specific FirePass version to address the issues presented in these security advisories: Product | Version | Hotfix ---|---|--- FirePass | 6.0.0 | HF-600-8 or later cumulative hotfix FirePass |...

3.3AI score
Exploits0
F5 Networks
F5 Networks
•added 2024/11/08 7:37 p.m.•53 views

K000148465: Spring framework vulnerability CVE-2024-38816

Security Advisory Description Applications serving static resources through the functional web frameworks WebMvc.fn or WebFlux.fn are vulnerable to path traversal attacks. An attacker can craft malicious HTTP requests and obtain any file on the file system that is also accessible to the process i...

7.5CVSS7.3AI score0.14718EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/10/28 6:28 p.m.•53 views

K000148287: Apache Tomcat vulnerability CVE-2019-0232

Security Advisory Description When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39 and 7.0.0 to 7.0.93 is vulnerable to Remote Code Execution due to a bug in the way the JRE passes command line arguments to Windows. The...

9.3CVSS8.3AI score0.99652EPSS
Exploits10
F5 Networks
F5 Networks
•added 2024/04/09 11:12 a.m.•53 views

K000139228: Envoy vulnerability CVE-2024-27919

Security Advisory Description Envoy is a cloud-native, open-source edge and service proxy. In versions 1.29.0 and 1.29.1, theEnvoy HTTP/2 protocol stack is vulnerable to the flood of CONTINUATION frames. Envoy's HTTP/2 codec does not reset a request when header map limits have been exceeded. This...

7.5CVSS8AI score0.86746EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/04/09 11:7 a.m.•53 views

K000139227: amphp/http vulnerability CVE-2024-2653

Security Advisory Description amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set ENDHEADERS flag, resulting in an OOM crash. CVE-2024-2653 Impact There is no impact; F5 products are not affected by this vulnerability. Securi...

8.2CVSS8.1AI score0.83244EPSS
Exploits1
F5 Networks
F5 Networks
•added 2024/02/21 2:28 a.m.•53 views

K000138649: GnuTLS vulnerabilities CVE-2023-5981 and CVE-2024-0553

Security Advisory Description CVE-2023-5981 A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS1 v1.5 padding. CVE-2024-0553 A vulnerability was found in GnuTLS. The response times to...

7.5CVSS6.5AI score0.01614EPSS
Exploits1Affected Software24
F5 Networks
F5 Networks
•added 2024/02/14 1:33 p.m.•53 views

K000138444: NGINX HTTP/3 QUIC vulnerability CVE-2024-24989

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. CVE-2024-24989 Note : The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information,...

7.5CVSS7.7AI score0.01061EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2024/02/12 9:47 a.m.•53 views

K000138577: Python-asyncssh vulnerability CVE-2023-46446

Security Advisory Description An issue in AsyncSSH before 2.14.1 allows attackers to control the remote end of an SSH client session via packet injection/removal and shell emulation, aka a "Rogue Session Attack." CVE-2023-46446 Impact There is no impact; F5 products are not affected by this...

6.8CVSS7.7AI score0.00867EPSS
Exploits0
F5 Networks
F5 Networks
•added 2024/02/01 10:10 p.m.•53 views

K000138452: Intel CPU BIOS vulnerabilities CVE-2023-25756 and CVE-2023-22329

Security Advisory Description CVE-2023-25756 Out-of-bounds read in the BIOS firmware for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access. CVE-2023-22329 Improper input validation in the BIOS firmware for some IntelR Processo...

8CVSS5.7AI score0.00403EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/03/21 4:41 p.m.•53 views

K000133092: cURL vulnerability CVE-2022-43552

Security Advisory Description A use after free vulnerability exists in curl 7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can and often do deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET,...

5.9CVSS6.7AI score0.02511EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•53 views

K96300145: C Library (SQLite & libxslt) vulnerabilities CVE-2019-16168 CVE-2019-13117 CVE-2019-13118

Security Advisory Description CVE-2019-16168 In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlitestat1 sz field, aka a "severe division by zero in the query planner." CVE-2019-13117 In numbers.c in libxslt...

6.5CVSS6.4AI score0.06457EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•53 views

K23512141: OpenSSL vulnerability CVE-2016-2179

Security Advisory Description The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service memory consumption by maintaining many crafted DTLS...

7.5CVSS8.5AI score0.26559EPSS
Exploits1Affected Software15
F5 Networks
F5 Networks
•added 2023/02/21 8:2 p.m.•53 views

K35322517: BIND vulnerability CVE-2016-8864

Security Advisory Description named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNAME record in the answer section of a response to a recursive query, related to...

7.5CVSS7.6AI score0.38733EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 8:0 p.m.•53 views

K04280042: BIG-IP ASM vulnerability CVE-2019-6650

Security Advisory Description F5 BIG-IP ASM may expose sensitive information and allow the system configuration to be modified when using non-default settings. CVE-2019-6650 Impact The vulnerability is only present on multi-bladed systems VIPRION with BIG-IP ASM provisioned, on the following...

9.1CVSS8.8AI score0.01308EPSS
Exploits0Affected Software1
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•53 views

K42842401: MySQL vulnerabilities CVE-2018-3145, CVE-2018-3155, CVE-2018-3156, CVE-2018-3161, and CVE-2018-3162

Security Advisory Description CVE-2018-3145 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protoco...

7.7CVSS6.7AI score0.03716EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:59 p.m.•53 views

K65043534: Multiple INTEL BIOS vulnerabilities

Security Advisory Description CVE-2017-5705 Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the system to execute arbitrary code. CVE-2017-5706 Multiple buffer overflows in kernel in Intel Server Platfo...

9CVSS8AI score0.04407EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:58 p.m.•53 views

K16764: PHP vulnerability CVE-2015-4022

Security Advisory Description Integer overflow in the ftpgenlist function in ext/ftp/ftp.c in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. CVE-2015-40...

7.5CVSS9.5AI score0.20837EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•53 views

K17125: Multiple Java vulnerabilities

Security Advisory Description CVE-2015-0458 Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. CVE-2015-0459 Unspecified vulnerability in Oracle Java SE 5.0u8...

10CVSS7AI score0.07224EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:57 p.m.•53 views

K56851402: Linux kernel vulnerability CVE-2019-17666

Security Advisory Description rtlp2pnoaie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow. CVE-2019-17666 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

8.8CVSS6.8AI score0.03017EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:56 p.m.•53 views

K00947806: Linux kernel vulnerability CVE-2019-3846

Security Advisory Description A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. CVE-2019-3846 Impact There is no impact; F5 products are not affected by this vulnerability...

8.8CVSS7.7AI score0.05649EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:53 p.m.•53 views

K52868493: libssh vulnerability CVE-2018-10933

Security Advisory Description A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access. CVE-2018-10933 Impact There is no impact. F5 products...

9.1CVSS7.1AI score0.91789EPSS
Exploits11
F5 Networks
F5 Networks
•added 2023/02/21 7:46 p.m.•53 views

K14236: OpenSSL vulnerability CVE-2012-2686

Security Advisory Description A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 on AES-NI supporting platforms can be exploited in a denial-of-service DoS attack. Anyone using an AES-NI platform for TLS 1.2 or TLS 1.1 on OpenSSL 1.0.1 before 1.0.1d is affected. Platforms...

9AI score
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 7:41 p.m.•53 views

K16833: Linux vulnerability CVE-2014-7826

Security Advisory Description kernel/trace/tracesyscalls.c in the Linux kernel through 3.17.2 does not properly handle private syscall numbers during use of the ftrace subsystem, which allows local users to gain privileges or cause a denial of service invalid pointer dereference via a crafted...

7.8CVSS6.2AI score0.00589EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 7:33 p.m.•53 views

K01324833: NTP vulnerability CVE-2015-8158

Security Advisory Description The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service infinite loop via crafted packets with incorrect values. CVE-2015-8158 Impact When this vulnerability is exploited, an attacke...

5.9CVSS6.7AI score0.07546EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•53 views

K25200948: Linux kernel vulnerability CVE-2021-33034

Security Advisory Description In the Linux kernel before 5.12.4, net/bluetooth/hcievent.c has a use-after-free when destroying an hcichan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. CVE-2021-33034 Impact There is no impact; F5 products are not affected by this vulnerability...

7.8CVSS6.5AI score0.00819EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:59 p.m.•53 views

K55405388: NTP vulnerability CVE-2016-9311

Security Advisory Description ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted packet. CVE-2016-9311 Impact A remote attacker may be able to send a specially crafted packet to cause ...

7.1CVSS6.5AI score0.11174EPSS
Exploits1Affected Software23
F5 Networks
F5 Networks
•added 2023/02/21 6:55 p.m.•53 views

K39573942: DHCP vulnerability CVE-2019-6470

Security Advisory Description There had existed in one of the ISC BIND libraries a bug in a function that was used by dhcpd when operating in DHCPv6 mode. There was also a bug in dhcpd relating to the use of this function per its documentation, but the bug in the library function prevented this...

7.5CVSS6.8AI score0.08813EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•53 views

K41412302: Jetty vulnerability CVE-2019-10247

Security Advisory Description In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, and 9.4.16 and older, the server running on any OS and Jetty version combination will reveal the configured fully qualified directory base resource location on the output of the 404 error for not...

5.3CVSS6.6AI score0.05782EPSS
Exploits0Affected Software2
F5 Networks
F5 Networks
•added 2023/02/21 6:54 p.m.•53 views

K71249196: Python-Pillow vulnerability CVE-2021-25288

Security Advisory Description An issue was discovered in Pillow before 8.2.0. There is an out-of-bounds read in J2kDecode, in j2kugrayi. CVE-2021-25288 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product Development has evaluated the...

9.1CVSS7.6AI score0.02342EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•53 views

K97521840: logback vulnerability CVE-2021-42550

Security Advisory Description In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. CVE-2021-42550 Impact There is no impact; F5 products...

8.5CVSS7.5AI score0.04439EPSS
Exploits1
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•53 views

K83181523: PHP vulnerability CVE-2018-10546

Security Advisory Description An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. CVE-2018-10546 Impact There is no...

7.5CVSS7AI score0.10433EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•53 views

K54039800: MatrixSSL vulnerability CVE-2016-6883

Security Advisory Description MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack. CVE-2016-6883 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status...

5.9CVSS6.4AI score0.13906EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•53 views

K95375529: PHP vulnerabilities CVE-2013-7456, CVE-2016-4343, and CVE-2016-5093

Security Advisory Description CVE-2013-7456 gdinterpolation.c in the GD Graphics Library aka libgd before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impa...

8.8CVSS9.1AI score0.05487EPSS
Exploits3
F5 Networks
F5 Networks
•added 2023/02/21 6:53 p.m.•53 views

K63525058: cURL vulnerability CVE-2020-8284

Security Advisory Description A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doin...

4.3CVSS6.6AI score0.03851EPSS
Exploits0Affected Software17
F5 Networks
F5 Networks
•added 2023/02/21 6:52 p.m.•53 views

K64119434: GNU C Library vulnerability CVE-2009-5155

Security Advisory Description In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression...

7.5CVSS6.5AI score0.03906EPSS
Exploits1Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•53 views

K63314101: Multiple MySQL vulnerabilities

Security Advisory Description CVE-2022-21451 Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 5.7.37 and prior and 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via...

6.5CVSS5.8AI score0.02959EPSS
Exploits0
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•53 views

K44945790: glibc vulnerability CVE-2021-3326

Security Advisory Description The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. CVE-2021-3326...

7.5CVSS7.2AI score0.03093EPSS
Exploits0Affected Software14
F5 Networks
F5 Networks
•added 2023/02/21 6:48 p.m.•53 views

K72255110: MySQL vulnerability CVE-2016-6662

Security Advisory Description Oracle MySQL through 5.5.52, 5.6.x through 5.6.33, and 5.7.x through 5.7.15; MariaDB before 5.5.51, 10.0.x before 10.0.27, and 10.1.x before 10.1.17; and Percona Server before 5.5.51-38.1, 5.6.x before 5.6.32-78.0, and 5.7.x before 5.7.14-7 allow local users to creat...

10CVSS8.8AI score0.6773EPSS
Exploits16
F5 Networks
F5 Networks
•added 2023/02/21 6:47 p.m.•53 views

K54225343: libxml2 vulnerabilities CVE-2016-3627 and CVE-2016-3705

Security Advisory Description CVE-2016-3627 The xmlStringGetNodeList function in tree.c in libxml2 2.9.3 and earlier, when used in recovery mode, allows context-dependent attackers to cause a denial of service infinite recursion, stack consumption, and application crash via a crafted XML document...

7.5CVSS6.9AI score0.07025EPSS
Exploits1Affected Software22
Total number of security vulnerabilities5000