Vulnerabilities

    CVE-2014-3530 XXE via insecure DocumentBuilderFactory usage

    cvE-2014-3530 XXE via insecure DocumentBuilderFactory usage

    CVE-2013-5823 UnsyncByteArrayOutputStream Denial of Service

    CVE-2017-5029 Upstream libxslt vulnerabilities

    CVE-2014-3146 Fail to strip Javascript links with non printable chars

    CVE-2017-17042 Directory traversal

    CVE-2014-0105 Privilege escalation in auth_token middleware under sufficient load

    CVE-2014-0086 Remote denial of service via memory exhaustion

    GMS-2017-333 Denial of Service

    CVE-2013-0269 Denial of Service and SQL Injection