Does API Portal take the influence of the security vulnerability?
If so, is the fix included in the product?
・CVE-2019-19956
Release : 4.3.2
Component : API PORTAL
The issues with CVE-2019-19956 are:
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related.
libxml2 is an OS library.
API Portal does not use OS libraries directly.
Therefore, the API Portal itself is not affected by this vulnerability.
But many Linux commands will rely on it.
So recommend upgrade their OS, and apply the patch from the OS vendor.