Filtered by vendor Sap Se
Subscriptions
Filtered by product Sapui5
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-42873 | 2 Sap, Sap Se | 2 Sapui5, Sapui5 | 2025-12-09 | 5.9 Medium |
| SAPUI5 (and OpenUI5) packages use outdated 3rd party libraries with known security vulnerabilities. When markdown-it encounters special malformed input, it fails to terminate properly, resulting in an infinite loop. This Denial of Service via infinite loop causes high CPU usage and system unresponsiveness due to a blocked processing thread. This vulnerability has no impact on confidentiality or integrity but has a high impact on system availability. | ||||
| CVE-2024-33007 | 1 Sap Se | 1 Sapui5 | 2024-11-21 | 3.5 Low |
| PDFViewer is a control delivered as part of SAPUI5 product which shows the PDF content in an embedded mode by default. If a PDF document contains embedded JavaScript (or any harmful client-side script), the PDFViewer will execute the JavaScript embedded in the PDF which can cause a potential security threat. | ||||
Page 1 of 1.