Vulnerabilities > Oracle > Communications Cloud Native Core Network Slice Selection Function > 1.8.0

DATE	CVE	VULNERABILITY TITLE	RISK
2021-06-11	CVE-2021-22897	Exposure of Resource to Wrong Sphere vulnerability in multiple products curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. network low complexity haxx oracle netapp siemens splunk CWE-668	5.3
2021-06-11	CVE-2021-22898	Missing Initialization of Resource vulnerability in multiple products curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. network high complexity haxx debian fedoraproject oracle siemens splunk CWE-909	3.1
2021-06-11	CVE-2021-22901	Use After Free vulnerability in multiple products curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. network high complexity haxx oracle netapp siemens splunk CWE-416	8.1
2021-06-08	CVE-2021-33560	Information Exposure Through Discrepancy vulnerability in multiple products Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. network low complexity gnupg debian fedoraproject oracle CWE-203	7.5
2021-05-06	CVE-2021-29921	In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. network low complexity python oracle critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.