Security Advisory Description In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_ ...
More info:
https://my.f5.com/manage/s/article/K05295469?utm_source=f5support&utm_medium=RSS
Security Advisory Description Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest ...
More info:
https://my.f5.com/manage/s/article/K22322802?utm_source=f5support&utm_medium=RSS
Security Advisory Description libexpat before 2.4.9 has a use-after-free in the doContent function in xmlparse.c. (CVE-2022-40674) Impact An attacker may be able to use crafted XML to reference ...
More info:
https://my.f5.com/manage/s/article/K44454157?utm_source=f5support&utm_medium=RSS
Security Advisory Description JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the ...
More info:
https://my.f5.com/manage/s/article/K59563964?utm_source=f5support&utm_medium=RSS
Security Advisory Description A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4. ...
More info:
https://my.f5.com/manage/s/article/K13401920?utm_source=f5support&utm_medium=RSS
Security Advisory Description CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Prior to Chainsaw V2.0 Chainsaw was a component of Apache Log4j 1.2.x where the ...
More info:
https://my.f5.com/manage/s/article/K00322972?utm_source=f5support&utm_medium=RSS
