Oracle Goldengate_stream_analytics
10 CVEs affecting Oracle Goldengate_stream_analytics. Latest disclosed: 2020-03-02. Critical: 6, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-14893 | Critical | 9.8 | 2020-03-02 | A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious ob… |
CVE-2019-20330 | Critical | 9.8 | 2020-01-03 | FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. |
CVE-2019-16335 | Critical | 9.8 | 2019-09-15 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different… |
CVE-2019-14540 | Critical | 9.8 | 2019-09-15 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. |
CVE-2019-14379 | Critical | 9.8 | 2019-07-29 | SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manage… |
CVE-2018-8088 | Critical | 9.8 | 2018-03-20 | org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted d… |
CVE-2019-14439 | High | 7.5 | 2019-07-30 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for… |
CVE-2019-0222 | High | 7.5 | 2019-03-28 | In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame can lead to broker Out of Memory exception making it unresponsive. |
CVE-2018-8012 | High | 7.5 | 2018-05-21 | No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a… |
CVE-2019-0201 | Medium | 5.9 | 2019-05-23 | An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves… |