Vulnerabilities > Oracle > Commerce Guided Search
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-29 | CVE-2021-22947 | Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. | 5.9 |
2021-09-19 | CVE-2021-40690 | Information Exposure vulnerability in multiple products All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. | 7.5 |
2021-08-23 | CVE-2021-39140 | Infinite Loop vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 6.3 |
2021-08-23 | CVE-2021-39150 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39152 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39139 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.8 |
2021-08-23 | CVE-2021-39141 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39144 | Deserialization of Untrusted Data vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39145 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |
2021-08-23 | CVE-2021-39146 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. | 8.5 |