Communications Cloud Native Core Console

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-02	CVE-2020-25638	SQL Injection vulnerability in multiple products A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. network high complexity hibernate debian quarkus oracle CWE-89	7.4
2019-11-08	CVE-2019-10219	Cross-site Scripting vulnerability in multiple products A vulnerability was found in Hibernate-Validator. network low complexity redhat netapp oracle CWE-79	6.1
2019-08-20	CVE-2019-10086	Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. network low complexity apache debian opensuse fedoraproject redhat oracle CWE-502	7.3