Vulnerabilities > Oracle > Communications Cloud Native Core Policy

DATE CVE VULNERABILITY TITLE RISK
2021-10-20 CVE-2021-35574 Unspecified vulnerability in Oracle products
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters).
network
low complexity
oracle
7.5
2021-10-20 CVE-2021-42739 Out-of-bounds Write vulnerability in multiple products
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
6.7
2021-10-19 CVE-2021-37136 Resource Exhaustion vulnerability in multiple products
The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression).
network
low complexity
netty quarkus oracle netapp debian CWE-400
7.5
2021-09-22 CVE-2021-38153 Information Exposure Through Discrepancy vulnerability in multiple products
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful.
network
high complexity
apache quarkus oracle CWE-203
5.9
2021-09-17 CVE-2021-3807 ansi-regex is vulnerable to Inefficient Regular Expression Complexity
network
low complexity
ansi-regex-project oracle
7.5
2021-09-12 CVE-2021-23440 Type Confusion vulnerability in multiple products
This affects the package set-value before <2.0.1, >=3.0.0 <4.0.1.
network
low complexity
set-value-project oracle CWE-843
critical
9.8
2021-08-23 CVE-2021-39140 XStream is a simple library to serialize objects to XML and back again. 6.3
2021-08-23 CVE-2021-39150 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39152 XStream is a simple library to serialize objects to XML and back again. 8.5
2021-08-23 CVE-2021-39139 XStream is a simple library to serialize objects to XML and back again. 8.8