Three use-after-free vulnerabilities have been found in the legacy parser libxml2 of Airlock 4.2.x. We rate the risk of this vulnerability as low since Airlock protects against attacks trying to manipulate the HTML sent from a back-end system.
The standard HTML parser of Airlock, available since version 4.2.2 of Airlock, is not vulnerable to this issue.
To check which HTML parser is active on you Airlock system login to the Configuration Center, go to "Application Firewall" - "Reverse Proxy" - open the Mapping you want to check - go to the "Advanced" tab and check the "Use libxml2 HTML parser (legacy)" check box in the section "Content parsing" .
no action required.