Vulnerabilities > SAS > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-14 | CVE-2019-14678 | XXE vulnerability in SAS Base SAS and XML Mapper SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. | 10.0 |
| 2019-01-17 | CVE-2018-20732 | Deserialization of Untrusted Data vulnerability in SAS web Infrastructure Platform 9.4 SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant. | 9.8 |