Loading HuntDB...

GHSA-mfj7-pc34-cqm8

GitHub Security Advisory

⚠ Unreviewed MODERATE Has CVE

Advisory Details

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.

Related CVEs

Key Information

GHSA ID
GHSA-mfj7-pc34-cqm8
Published
April 4, 2024 9:30 PM
Last Modified
April 4, 2024 9:30 PM
CVSS Score
5.0 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: June 17, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.