Vulnerabilities > Oracle > Financial Services Crime AND Compliance Management Studio > High

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-26	CVE-2020-9492	Incorrect Authorization vulnerability in multiple products In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. network low complexity apache oracle CWE-863	8.8
2020-08-30	CVE-2020-7712	OS Command Injection vulnerability in multiple products This affects the package json before 10.0.0. network low complexity joyent oracle CWE-78	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.