← Back

Base Sas

base_sas

Vendor: Sas • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-14678
1Sas
2Base Sas
Xml Mapper
Nov 21, 2024
Nov 14, 2019
N/A· v4
10.0 CRITICAL· v3
7.5 HIGH· v2
SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forger...Show more
SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Examples are Local File Reading, Out Of Band File Exfiltration, Server Side Request Forgery, and/or Potential Denial of Service attacks. This vulnerability also affects the XMLV2 LIBNAME engine when the AUTOMAP option is used.Show less
CVE-2014-2262
1Sas
1Base Sas
Apr 29, 2026
Mar 1, 2014
N/A· v4
N/A· v3
9.3 HIGH· v2
Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program.