Vulnerabilities > Oracle > Financial Services Regulatory Reporting With Agilereporter > High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-08-30	CVE-2020-7712	OS Command Injection vulnerability in multiple products This affects the package json before 10.0.0. network low complexity joyent oracle CWE-78	7.2
2020-01-17	CVE-2020-5398	Download of Code Without Integrity Check vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. network high complexity vmware oracle netapp CWE-494	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.