Vulnerabilities > Oracle > Agile PLM > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-01-24 CVE-2022-23437 Infinite Loop vulnerability in multiple products
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads.
network
low complexity
apache oracle netapp CWE-835
6.5
6.5
2021-12-18 CVE-2021-45105 Uncontrolled Recursion vulnerability in multiple products
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups.
network
high complexity
apache netapp debian sonicwall oracle CWE-674
5.9
5.9
2021-11-17 CVE-2021-41164 CKEditor4 is an open source WYSIWYG HTML editor.
network
low complexity
ckeditor drupal oracle fedoraproject
5.4
5.4
2021-11-10 CVE-2021-3572 A flaw was found in python-pip in the way it handled Unicode separators in git references.
network
low complexity
pypa oracle
5.7
5.7
2021-10-26 CVE-2021-41182 jQuery-UI is the official jQuery user interface library. 6.1
6.1
2021-10-26 CVE-2021-41183 jQuery-UI is the official jQuery user interface library. 6.1
6.1
2021-10-26 CVE-2021-41184 jQuery-UI is the official jQuery user interface library. 6.1
6.1
2021-07-14 CVE-2021-36373 When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs.
local
low complexity
apache oracle
5.5
5.5
2021-07-14 CVE-2021-36374 When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs.
local
low complexity
apache oracle
5.5
5.5
2021-07-12 CVE-2021-33037 HTTP Request Smuggling vulnerability in multiple products
Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy.
network
low complexity
apache debian oracle mcafee CWE-444
5.3
5.3