Juniper Libslax vulnerabilities
5 known vulnerabilities affecting juniper/libslax.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-39534HIGHCVSS 8.8≤ 0.22.12021-09-20
CVE-2021-39534 [HIGH] CWE-787 CVE-2021-39534: An issue was discovered in libslax through v0.22.1. slaxIsCommentStart() in slaxlexer.c has a heap-b
An issue was discovered in libslax through v0.22.1. slaxIsCommentStart() in slaxlexer.c has a heap-based buffer overflow.
nvd
CVE-2021-39533HIGHCVSS 8.8≤ 0.22.12021-09-20
CVE-2021-39533 [HIGH] CWE-787 CVE-2021-39533: An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buff
An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow.
nvd
CVE-2021-39531HIGHCVSS 8.8≤ 0.22.12021-09-20
CVE-2021-39531 [HIGH] CWE-787 CVE-2021-39531: An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a stack-based buf
An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a stack-based buffer overflow.
nvd
CVE-2021-39532MEDIUMCVSS 6.5≤ 0.22.12021-09-20
CVE-2021-39532 [MEDIUM] CWE-476 CVE-2021-39532: An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the functio
An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the function slaxLexer() located in slaxlexer.c. It allows an attacker to cause Denial of Service.
nvd
CVE-2019-1010232MEDIUMCVSS 6.5v0.22.02019-07-22
CVE-2019-1010232 [MEDIUM] CWE-787 CVE-2019-1010232: Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e
Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. The impact is: remote dos. The component is: slaxlexer.c:601(funtion:slaxGetInput). The attack vector is: ./slaxproc --slax-to-xslt POC0.
nvd