Unknown · Kiuwan Sast · CVE-2023-49110
**Name of the Vulnerable Software and Affected Versions**
Kiuwan SAST version master.1808.p685.q13371
**Description**
The issue arises when the Kiuwan Local Analyzer uploads scan results to the Kiuwan SAST web application, which processes the uploaded XML files and resolves any external entities they declare. This permits an XML external entity (XXE) injection attack. An attacker with privileges to scan source code can read files from the operating system with the rights of the application server user, potentially gaining access to sensitive files such as configuration files and stored passwords. The attacker can also initiate connections to internal systems for port scans, or reach other internal functions and applications.
**Recommendations**
For version master.1808.p685.q13371, consider disabling the XML entity resolution feature in the Kiuwan SAST web application until a patch is available. Restrict access to the "Code Security" module to minimize the risk of exploitation. Avoid using the Kiuwan Local Analyzer to upload scan results to the Kiuwan SAST web application until the issue is resolved.
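As an added illustration, not Kiuwan's own code, the following Python gate shows the kind of parser hardening the recommendation describes: any uploaded results document that carries a DOCTYPE or an external entity reference is refused before the document is parsed. The results schema (`<results>`/`<finding>`) and the sample uploads are hypothetical, constructed for the example.

```python
import xml.parsers.expat
from xml.etree import ElementTree as ET


class UnsafeXmlError(ValueError):
    """Raised when an uploaded results file carries a DTD or external entity."""


def reject_dtd(xml_bytes: bytes) -> None:
    """Pre-parse gate: fail on any DOCTYPE or external entity reference.

    A scan-results document never legitimately needs a DTD, so refusing the
    declaration outright closes the XXE vector before any entity is expanded.
    """
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise UnsafeXmlError(f"DOCTYPE '{name}' is not allowed in uploaded scan results")

    def on_external_entity(context, base, system_id, public_id):
        raise UnsafeXmlError(f"external entity reference to {system_id!r} refused")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.ExternalEntityRefHandler = on_external_entity
    parser.Parse(xml_bytes, True)  # also raises ExpatError on malformed XML


def load_scan_results(xml_bytes: bytes) -> list[dict]:
    """Validate first, then parse <finding> elements into plain dicts."""
    reject_dtd(xml_bytes)
    root = ET.fromstring(xml_bytes)
    return [dict(f.attrib) for f in root.iter("finding")]


# Constructed sample uploads (hypothetical format, not Kiuwan's real schema).
BENIGN_RESULTS = b"""<?xml version="1.0"?>
<results tool="example-analyzer">
  <finding rule="hardcoded-credential" file="src/Config.java" line="42"/>
  <finding rule="sql-injection" file="src/UserDao.java" line="88"/>
</results>"""

# XXE-style upload: a DOCTYPE declaring an external entity (placeholder path).
XXE_RESULTS = b"""<?xml version="1.0"?>
<!DOCTYPE results [<!ENTITY ext SYSTEM "file:///placeholder/secret.conf">]>
<results><finding rule="&ext;" file="x" line="1"/></results>"""
```

The benign upload parses into a list of finding dicts, while the DOCTYPE-bearing upload is rejected by `reject_dtd` before `ElementTree` ever sees it.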