CVE-2024-35532

Name of the Vulnerable Software and Affected Versions: Intersec Geosafe-ea versions 2022.12 through 2022.14

Description: The issue allows attackers to perform arbitrary file reading under the privileges of the running process, make SSRF requests, or cause a Denial of Service (DoS) via unspecified vectors. This is due to an XML External Entity (XXE) injection vulnerability.

Recommendations: For versions 2022.12 through 2022.14, update to a version that includes a fix for the XXE injection vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.