Severity: High
Description: Certain code executed by DataFlux® Data Management Server 2.8 and DataFlux® Data Management Server 2.9.1 might result in improper restriction of XML external entity reference, uncontrolled recursion, and improper control of generation of code, which are related to multiple security vulnerabilities. For additional information, see the following CVEs:
Data Management Server 2.9.1 CVEs:
Data Management Server 2.8 CVEs:
Potential Impact: Impacts might include unauthorized access to sensitive data, bypass of security controls, and reduced availability due to application crashes or denial of service. See the CVE records for additional information.