Vulnerabilities > Oracle > Coherence
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-11 | CVE-2020-36518 | Out-of-bounds Write vulnerability in multiple products jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. | 7.5 |
| 2021-12-09 | CVE-2021-43797 | Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 6.5 |
| 2021-10-19 | CVE-2021-37136 | Resource Exhaustion vulnerability in multiple products The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). | 7.5 |
| 2021-03-30 | CVE-2021-21409 | Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. | 5.9 |
| 2021-01-20 | CVE-2020-14756 | Unspecified vulnerability in Oracle Coherence and Utilities Framework Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). | 9.8 |
| 2020-12-03 | CVE-2020-25649 | XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. | 7.5 |
| 2020-07-15 | CVE-2020-14642 | Improper Resource Shutdown or Release vulnerability in Oracle Coherence Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: CacheStore). | 7.5 |
| 2020-04-15 | CVE-2020-2949 | Unspecified vulnerability in Oracle Coherence Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). | 5.3 |
| 2020-04-15 | CVE-2020-2915 | Unspecified vulnerability in Oracle Coherence Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). | 9.8 |
| 2020-01-15 | CVE-2020-2555 | Deserialization of Untrusted Data vulnerability in Oracle products Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). | 9.8 |