Oracle Big_data_discovery
10 CVEs affecting Oracle Big_data_discovery. Latest disclosed: 2019-10-23. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-1275 | Critical | 9.8 | 2018-04-11 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocke… |
CVE-2018-1270 | Critical | 9.8 | 2018-04-06 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocke… |
CVE-2018-1258 | High | 8.8 | 2018-05-11 | Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security. An un… |
CVE-2019-0227 | High | 7.5 | 2019-05-01 | A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits c… |
CVE-2018-1272 | High | 7.5 | 2018-04-06 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart reques… |
CVE-2018-1257 | Medium | 6.5 | 2018-05-11 | Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSoc… |
CVE-2019-11358 | Medium | 6.1 | 2019-04-20 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an… |
CVE-2018-8032 | Medium | 6.1 | 2018-08-02 | Apache Axis 1.x up to and including 1.4 is vulnerable to a cross-site scripting (XSS) attack in the default servlet/services. |
CVE-2018-1271 | Medium | 5.9 | 2018-04-06 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to se… |
CVE-2019-12415 | Medium | 5.5 | 2019-10-23 | In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an at… |