Commerce Guided Search

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-29	CVE-2021-22947	Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. network high complexity haxx fedoraproject debian netapp oracle siemens apple splunk CWE-345	5.9
2021-09-19	CVE-2021-40690	Information Exposure vulnerability in multiple products All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. network low complexity apache debian oracle CWE-200	7.5
2021-08-23	CVE-2021-39140	Infinite Loop vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle CWE-835	6.3
2021-08-23	CVE-2021-39150	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-502	8.5
2021-08-23	CVE-2021-39152	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-502	8.5
2021-08-23	CVE-2021-39139	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network low complexity xstream-project debian fedoraproject netapp oracle CWE-434	8.8
2021-08-23	CVE-2021-39141	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle CWE-434	8.5
2021-08-23	CVE-2021-39144	Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle CWE-502	8.5
2021-08-23	CVE-2021-39145	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project debian fedoraproject netapp oracle CWE-434	8.5
2021-08-23	CVE-2021-39146	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-434	8.5