Vulnerabilities > Oracle > Communications Unified Inventory Management > 7.3

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-20	CVE-2019-11358	jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. network low complexity jquery debian drupal backdropcms fedoraproject opensuse netapp redhat oracle joomla juniper	6.1
2018-10-18	CVE-2018-15756	Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. network low complexity vmware oracle debian	7.5
2018-01-18	CVE-2018-2571	Unspecified vulnerability in Oracle Communications Unified Inventory Management 7.2.4.2/7.3 Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). network low complexity oracle	5.4
2018-01-18	CVE-2018-2570	Unspecified vulnerability in Oracle Communications Unified Inventory Management 7.2.4.2/7.3 Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). network low complexity oracle	6.3

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.