本頁列出影響 juniper libslax 的已公開 CVE 漏洞(透過 NVD CPE 關聯)。每列包含嚴重程度評分、摘要與發布日期,便於識別與分析安全議題。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2021-39534 | An issue was discovered in libslax through v0.22.1. slaxIsCommentStart() in slaxlexer.c has a heap-based buffer overflow. | [email protected] | 8.8 | 1.18% | 2021-09-20 | 2026-06-17 |
| CVE-2021-39533 | An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow. | [email protected] | 8.8 | 1.18% | 2021-09-20 | 2026-06-17 |
| CVE-2021-39532 | An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the function slaxLexer() located in slaxlexer.c. It allows an attacker to cause Denial of Service. | [email protected] | 6.5 | 0.83% | 2021-09-20 | 2026-06-17 |
| CVE-2021-39531 | An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a stack-based buffer overflow. | [email protected] | 8.8 | 1.18% | 2021-09-20 | 2026-06-17 |
| CVE-2019-1010232 | Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab4a55b59dfa9a53f9c5f14d192c4f8e5 Commits on Sep 1, 2018) is affected by: Buffer Overflow. The impact is: remote dos. The component is: slaxlexer.c:601(funtion:slaxGetInput). The attack vector is: ./slaxproc --slax-to-xslt POC0. | [email protected] | 6.5 | 1.05% | 2019-07-22 | 2026-06-16 |