CVE-2025-14543

Name of the Vulnerable Software and Affected Versions Connext Professional versions 7.4.0 through 7.6.x Connext Professional versions 7.0.0 through 7.3.1.0 Connext Professional versions 6.1.0 through 6.1.x Connext Professional versions 6.0.0 through 6.0.x Connext Professional versions 5.3.0 through 5.3.x Connext Professional versions 4.3x through 5.1.x

Description Improper Restriction of XML External Entity Reference in the Core Libraries allows Serialized Data External Linking. This occurs when an application fails to restrict XML external entity references, which can lead to the processing of external entities within XML documents.

Recommendations Update versions 7.4.0 through 7.6.x to version 7.7.0. Update versions 7.0.0 through 7.3.1.0 to version 7.3.1.1. Update versions 6.1.0 through 6.1.x to the latest 6.1 patch. Update versions 6.0.0 through 6.0.x to the latest 6.0 patch. Update versions 5.3.0 through 5.3.x to the latest 5.3 patch. Update versions 4.3x through 5.1.x to version 5.2.x.