Oracle Coherence
23 CVEs affecting Oracle Coherence. Latest disclosed: 2026-06-17. Critical: 11, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-35308 | Critical | 10.0 | 2026-06-17 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). Supported versions that are affected are… |
CVE-2026-35307 | Critical | 10.0 | 2026-06-17 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0… |
CVE-2026-35310 | Critical | 9.8 | 2026-06-17 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0… |
CVE-2026-35309 | Critical | 9.8 | 2026-06-17 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). Supported versions that are affected are… |
CVE-2026-35304 | Critical | 9.8 | 2026-06-17 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0… |
CVE-2022-21420 | Critical | 9.8 | 2022-04-19 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 an… |
CVE-2020-14756 | Critical | 9.8 | 2021-01-20 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 3.7.1.0, 12.1… |
CVE-2020-2915 | Critical | 9.8 | 2020-04-15 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). Supported versions that are affected ar… |
CVE-2020-2555 | Critical | 9.8 | 2020-01-15 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are… |
CVE-2026-35306 | Critical | 9.3 | 2026-06-17 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). The supported version that is affected i… |
CVE-2026-35305 | Critical | 9.3 | 2026-06-17 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). The supported version that is affected i… |
CVE-2021-2428 | High | 8.1 | 2021-07-21 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 1… |
CVE-2022-21570 | High | 7.5 | 2022-07-19 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.2.1.3.0, 12.2… |
CVE-2020-36518 | High | 7.5 | 2022-03-11 | jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. |
CVE-2021-37136 | High | 7.5 | 2021-10-19 | The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during… |
CVE-2021-2371 | High | 7.5 | 2021-07-21 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2… |
CVE-2021-2344 | High | 7.5 | 2021-07-21 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2… |
CVE-2021-2277 | High | 7.5 | 2021-04-22 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2… |
CVE-2020-25649 | High | 7.5 | 2020-12-03 | A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity… |
CVE-2020-14642 | High | 7.5 | 2020-07-15 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: CacheStore). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0… |