Vulnerability in CVE-2019-19956 (API Portal )
search cancel

Vulnerability in CVE-2019-19956 (API Portal )

book

Article ID: 206613

calendar_today

Updated On:

Products

CA API Developer Portal

Issue/Introduction

Does API Portal take the influence of the security vulnerability?
If so, is the fix included in the product?

・CVE-2019-19956

Environment

Release : 4.3.2

Component : API PORTAL

Cause

The issues with CVE-2019-19956 are:
xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.10 has a memory leak related.

Resolution

libxml2 is an OS library. The API Portal does not use OS libraries directly, therefore, the API Portal itself is not affected by this vulnerability.

However, there are other Linux commands that rely on it. It is recommended that you upgrade your OS and apply any required patches from the OS vendor.