VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Graalvm
> 20.3.5
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-04-19
CVE-2022-21426
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP).
network
low complexity
oracle
debian
netapp
azul
5.3
5.3
2022-04-19
CVE-2022-21434
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
low complexity
oracle
debian
netapp
azul
5.3
5.3
2022-04-19
CVE-2022-21443
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
high complexity
oracle
netapp
debian
azul
3.7
3.7
2022-04-19
CVE-2022-21476
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries).
network
low complexity
oracle
netapp
debian
azul
7.5
7.5
2022-04-19
CVE-2022-21496
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI).
network
low complexity
oracle
netapp
debian
azul
5.3
5.3
2022-02-24
CVE-2021-44531
Improper Certificate Validation vulnerability in multiple products
Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates.
network
high complexity
nodejs
oracle
CWE-295
7.4
7.4
2022-02-24
CVE-2021-44532
Improper Certificate Validation vulnerability in multiple products
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format.
network
low complexity
nodejs
oracle
debian
CWE-295
5.3
5.3
2022-02-24
CVE-2021-44533
Improper Certificate Validation vulnerability in multiple products
Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly.
network
low complexity
nodejs
oracle
debian
CWE-295
5.3
5.3