2.4.1

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-08	CVE-2019-10219	A vulnerability was found in Hibernate-Validator. network low complexity redhat netapp oracle	6.1
2019-10-23	CVE-2019-12415	XXE vulnerability in multiple products In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to convert user-provided Microsoft Excel documents, a specially crafted document can allow an attacker to read files from the local filesystem or from internal network resources via XML External Entity (XXE) Processing. local low complexity apache oracle CWE-611	5.5
2019-10-16	CVE-2019-2904	Unspecified vulnerability in Oracle products Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). network low complexity oracle critical	9.8
2019-10-12	CVE-2019-17531	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. network low complexity fasterxml debian redhat oracle netapp CWE-502 critical	9.8
2019-10-10	CVE-2019-17495	Cross-Site Request Forgery (CSRF) vulnerability in multiple products A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. network low complexity smartbear oracle CWE-352 critical	9.8
2019-10-01	CVE-2019-16943	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. network low complexity fasterxml debian fedoraproject redhat oracle netapp CWE-502 critical	9.8
2019-10-01	CVE-2019-16942	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. network low complexity fasterxml debian fedoraproject redhat netapp oracle CWE-502 critical	9.8
2019-09-15	CVE-2019-16335	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. network low complexity fasterxml fedoraproject debian netapp redhat oracle CWE-502 critical	9.8
2019-09-15	CVE-2019-14540	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. network low complexity fasterxml netapp fedoraproject debian redhat oracle CWE-502 critical	9.8
2019-07-30	CVE-2019-14439	Deserialization of Untrusted Data vulnerability in multiple products A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. network low complexity fasterxml debian fedoraproject apache redhat oracle CWE-502	7.5