Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Juniper Subscribe
Filtered by product Libslax
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-39533 1 Juniper 1 Libslax 2021-10-01 6.8 MEDIUM 8.8 HIGH
An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow.
CVE-2021-39531 1 Juniper 1 Libslax 2021-10-01 6.8 MEDIUM 8.8 HIGH
An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a stack-based buffer overflow.
CVE-2021-39532 1 Juniper 1 Libslax 2021-10-01 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the function slaxLexer() located in slaxlexer.c. It allows an attacker to cause Denial of Service.
CVE-2021-39534 1 Juniper 1 Libslax 2021-10-01 6.8 MEDIUM 8.8 HIGH
An issue was discovered in libslax through v0.22.1. slaxIsCommentStart() in slaxlexer.c has a heap-based buffer overflow.
CVE-2019-1010232 1 Juniper 1 Libslax 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. The impact is: remote dos. The component is: slaxlexer.c:601(funtion:slaxGetInput). The attack vector is: ./slaxproc --slax-to-xslt POC0.