Severity: High

Description: Certain code executed by DataFlux^® Data Management Studio 2.8 and DataFlux^® Data Management Studio 2.9.1 and DataFlux^® Data Management Server 2.8 and DataFlux^® Data Management Server 2.9.1 might result in improper restriction of XML external entity reference, uncontrolled recursion, and improper control of generation of code, which are related to security vulnerabilities. For additional information, see the following CVEs:

Data Management Studio 2.8 and 2.9.1 CVEs:

• • CVE-2021-33813
  • CVE-2025-48924

Data Management Server 2.8 and 2.9.1 CVEs:

• • CVE-2021-33813
  • CVE-2020-13936
  • CVE-2025-48924

Potential Impact: Impacts might include unauthorized access to sensitive data, bypass of security controls, and reduced availability due to application crashes or denial of service. See the CVE records for additional information.