Vulnerabilities > Oracle > Graalvm > 19.3.0.2

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-2604 Deserialization of Untrusted Data vulnerability in multiple products
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). 		8.1
8.1
2020-01-15 CVE-2020-2595 Unspecified vulnerability in Oracle Graalvm 19.3.0.2
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler).
network
low complexity
oracle
5.0
5.0
2020-01-15 CVE-2020-2581 Unspecified vulnerability in Oracle Graalvm 19.3.0.2
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter).
local
low complexity
oracle
2.1
2.1
2019-12-13 CVE-2019-16777 Improper Privilege Management vulnerability in multiple products
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite.
network
low complexity
npmjs opensuse oracle fedoraproject redhat CWE-269
6.5
6.5
2019-12-13 CVE-2019-16776 Path Traversal vulnerability in multiple products
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write.
network
low complexity
npmjs opensuse oracle fedoraproject redhat CWE-22
8.1
8.1
2019-12-13 CVE-2019-16775 UNIX Symbolic Link (Symlink) Following vulnerability in multiple products
Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write.
network
low complexity
redhat npmjs opensuse oracle fedoraproject CWE-61
6.5
6.5
2019-11-26 CVE-2019-16255 Code Injection vulnerability in multiple products
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data.
network
high complexity
ruby-lang debian opensuse oracle CWE-94
8.1
8.1