20.3.5

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-19	CVE-2022-21426	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). network low complexity oracle debian netapp azul	5.3
2022-04-19	CVE-2022-21434	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). network low complexity oracle debian netapp azul	5.3
2022-04-19	CVE-2022-21443	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). network high complexity oracle netapp debian azul	3.7
2022-04-19	CVE-2022-21476	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). network low complexity oracle netapp debian azul	7.5
2022-04-19	CVE-2022-21496	Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). network low complexity oracle netapp debian azul	5.3
2022-02-24	CVE-2021-44531	Improper Certificate Validation vulnerability in multiple products Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. network high complexity nodejs oracle CWE-295	7.4
2022-02-24	CVE-2021-44532	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. network low complexity nodejs oracle debian CWE-295	5.3
2022-02-24	CVE-2021-44533	Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 did not handle multi-value Relative Distinguished Names correctly. network low complexity nodejs oracle debian CWE-295	5.3