8.0.2

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-06	CVE-2020-36189	Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource. network high complexity fasterxml netapp debian oracle CWE-502	8.1
2020-12-18	CVE-2020-28052	An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. network high complexity bouncycastle apache oracle	8.1
2020-12-03	CVE-2020-25649	XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. network low complexity fasterxml netapp fedoraproject quarkus apache oracle CWE-611	7.5
2020-11-12	CVE-2020-13954	Cross-site Scripting vulnerability in multiple products By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. network low complexity apache netapp oracle CWE-79	6.1
2020-03-23	CVE-2020-1951	Infinite Loop vulnerability in multiple products A carefully crafted or corrupt PSD file can cause an infinite loop in Apache Tika's PSDParser in versions 1.0-1.23. local low complexity apache oracle debian canonical CWE-835	5.5
2020-03-23	CVE-2020-1950	Resource Exhaustion vulnerability in multiple products A carefully crafted or corrupt PSD file can cause excessive memory usage in Apache Tika's PSDParser in versions 1.0-1.23. local low complexity apache oracle debian canonical CWE-400	5.5