Juniper Networks has released patches for vulnerabilities affecting its networking and security devices running Junos OS, as well as a bucketload of security flaws in the Junos Space Network Management Platform, the Juniper Advanced Threat Prevention (JATP) appliance, and the SRX Series networking firewalls. Junos OS flaws Junos OS is the FreeBSD-based operating system used in Juniper Networks hardware routers, switches, gateways and security devices. The outlier is CVE-2015-1283, a numeric error vulnerability affecting the Expat XML processing library in Junos OS that could lead to a DoS condition and can be triggered through a specially crafted XML data input. That issue was discovered by external security researchers and Juniper SIRT is aware of a working proof of concept of this vulnerability, but not of any malicious exploitation attempts in the wild. Issues affecting other devices The resolved Junos Space vulnerabilities – 39 CVE-numbered issues – range from medium risk to critical.