Vulnerabilities > Oracle > Financial Services Analytical Applications Infrastructure > 8.1.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-16 | CVE-2023-21901 | Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). | 7.4 |
| 2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |
| 2022-01-24 | CVE-2022-23437 | Infinite Loop vulnerability in multiple products There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. | 6.5 |
| 2022-01-19 | CVE-2021-35686 | Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). | 4.0 |
| 2022-01-19 | CVE-2021-35687 | Unspecified vulnerability in Oracle Financial Services Analytical Applications Infrastructure Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Unified Metadata Manager). | 5.0 |
| 2021-12-18 | CVE-2021-45105 | Uncontrolled Recursion vulnerability in multiple products Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. | 5.9 |
| 2021-09-22 | CVE-2021-38153 | Information Exposure Through Discrepancy vulnerability in multiple products Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. | 5.9 |
| 2021-08-13 | CVE-2021-37695 | Cross-site Scripting vulnerability in multiple products ckeditor is an open source WYSIWYG HTML editor with rich content support. | 5.4 |
| 2021-08-12 | CVE-2021-32808 | Cross-site Scripting vulnerability in multiple products ckeditor is an open source WYSIWYG HTML editor with rich content support. | 5.4 |
| 2021-08-12 | CVE-2021-32809 | Cross-site Scripting vulnerability in multiple products ckeditor is an open source WYSIWYG HTML editor with rich content support. | 5.4 |