Vulnerabilities > Oracle > Commerce Guided Search > High

DATE CVE VULNERABILITY TITLE RISK
2021-08-23 CVE-2021-39145 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39146 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39147 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39148 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39149 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39151 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39154 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-07-13 CVE-2021-35515 Infinite Loop vulnerability in multiple products
When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop.
network
low complexity
apache netapp oracle CWE-835
7.5
2021-07-13 CVE-2021-35516 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache netapp oracle CWE-770
7.5
2021-07-13 CVE-2021-35517 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs.
network
low complexity
apache netapp oracle CWE-770
7.5