Communications Cloud Native Core Binding Support Function

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-23	CVE-2021-39148	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-434	8.5
2021-08-23	CVE-2021-39149	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-434	8.5
2021-08-23	CVE-2021-39151	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-434	8.5
2021-08-23	CVE-2021-39153	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-434	8.5
2021-08-23	CVE-2021-39154	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a simple library to serialize objects to XML and back again. network high complexity xstream-project fedoraproject debian netapp oracle CWE-434	8.5
2021-08-18	CVE-2021-21781	Use of Uninitialized Resource vulnerability in multiple products An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel v5.4.66 and v5.4.54. local low complexity linux oracle CWE-908	3.3
2021-08-12	CVE-2021-38604	NULL Pointer Dereference vulnerability in multiple products In librt in the GNU C Library (aka glibc) through 2.34, sysdeps/unix/sysv/linux/mq_notify.c mishandles certain NOTIFY_REMOVED data, leading to a NULL pointer dereference. network low complexity gnu fedoraproject oracle CWE-476	7.5
2021-07-21	CVE-2021-37159	Use After Free vulnerability in multiple products hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. high complexity linux debian oracle CWE-416	6.4
2021-07-15	CVE-2021-34429	For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. network low complexity eclipse netapp oracle	5.3
2021-07-14	CVE-2021-36373	When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. local low complexity apache oracle	5.5