Oracle Financial_services_enterprise_case_management
11 CVEs affecting Oracle Financial_services_enterprise_case_management. Latest disclosed: 2022-04-01. Critical: 2, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-22965 | Critical | 9.8 | 2022-04-01 | A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires t… |
CVE-2022-22963 | Critical | 9.8 | 2022-04-01 | In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a speciall… |
CVE-2021-2351 | High | 8.3 | 2021-07-21 | Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Diffi… |
CVE-2020-36518 | High | 7.5 | 2022-03-11 | jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. |
CVE-2021-36090 | High | 7.5 | 2021-07-13 | When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for ve… |
CVE-2021-35517 | High | 7.5 | 2021-07-13 | When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for ve… |
CVE-2021-35516 | High | 7.5 | 2021-07-13 | When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for ver… |
CVE-2021-35515 | High | 7.5 | 2021-07-13 | When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used… |
CVE-2022-23437 | Medium | 6.5 | 2022-01-24 | There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML… |
CVE-2019-10219 | Medium | 6.1 | 2019-11-08 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious cod… |
CVE-2021-38153 | Medium | 5.9 | 2021-09-22 | Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such… |