Oracle Clusterware
5 CVEs affecting Oracle Clusterware. Latest disclosed: 2019-07-23. Critical: 3, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-11307 | Critical | 9.8 | 2019-07-09 | An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltrat… |
CVE-2018-14719 | Critical | 9.8 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds… |
CVE-2017-15095 | Critical | 9.8 | 2018-02-06 | A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code ex… |
CVE-2018-1000873 | Medium | 6.5 | 2018-12-20 | Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-o… |
CVE-2019-2860 | Medium | 5.6 | 2019-07-23 | Vulnerability in the Oracle Clusterware component of Oracle Support Tools (subcomponent: Trace File Analyzer (TFA) Collector). The supported version that is af… |