Vulnerabilities > Oracle > Banking Corporate Lending Process Management > 14.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-31 | CVE-2020-5413 | Deserialization of Untrusted Data vulnerability in multiple products Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. | 9.8 |
2020-07-15 | CVE-2020-8203 | Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20. | 7.4 |