Vulnerabilities > Oracle > Banking Platform > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-23 | CVE-2021-21342 | XStream is a Java library to serialize objects to XML and back again. | 9.1 |
2021-03-23 | CVE-2021-21344 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
2021-03-23 | CVE-2021-21345 | OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 9.9 |
2021-03-23 | CVE-2021-21346 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
2021-03-23 | CVE-2021-21347 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
2021-03-23 | CVE-2021-21350 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
2021-03-23 | CVE-2021-21351 | XStream is a Java library to serialize objects to XML and back again. | 9.1 |
2020-05-01 | CVE-2020-10683 | XXE vulnerability in multiple products dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. | 9.8 |
2020-03-02 | CVE-2020-9546 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). | 9.8 |
2020-03-02 | CVE-2020-9547 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). | 9.8 |