Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. The impact is: remote dos. The component is: slaxlexer.c:601(funtion:slaxGetInput). The attack vector is: ./slaxproc --slax-to-xslt POC0.
6.5CVSS
6.5AI Score
0.001EPSS
An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a stack-based buffer overflow.
8.8CVSS
8.7AI Score
0.002EPSS
An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the function slaxLexer() located in slaxlexer.c. It allows an attacker to cause Denial of Service.
6.5CVSS
6.3AI Score
0.001EPSS
An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow.
8.8CVSS
8.7AI Score
0.002EPSS
An issue was discovered in libslax through v0.22.1. slaxIsCommentStart() in slaxlexer.c has a heap-based buffer overflow.
8.8CVSS
8.7AI Score
0.002EPSS