Vulnerabilities > Oracle > Graalvm > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-01-06 CVE-2020-8287 HTTP Request Smuggling vulnerability in multiple products
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields).
network
low complexity
nodejs debian fedoraproject oracle siemens CWE-444
6.5
2020-12-08 CVE-2020-1971 NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names.
5.9
2020-11-24 CVE-2020-28928 Out-of-bounds Write vulnerability in multiple products
In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
5.5
2020-04-15 CVE-2020-2799 Unspecified vulnerability in Oracle Graalvm 19.3.1/20.0.0
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler).
network
high complexity
oracle
6.3
2020-01-15 CVE-2020-2595 Unspecified vulnerability in Oracle Graalvm 19.3.0.2
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler).
network
low complexity
oracle
5.8
2020-01-15 CVE-2020-2581 Unspecified vulnerability in Oracle Graalvm 19.3.0.2
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter).
local
low complexity
oracle
4.0
2019-12-13 CVE-2019-16777 Improper Privilege Management vulnerability in multiple products
Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary File Overwrite.
network
low complexity
npmjs opensuse oracle fedoraproject redhat CWE-269
6.5
2019-12-13 CVE-2019-16775 Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write.
network
low complexity
redhat npmjs opensuse oracle fedoraproject
6.5
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
2019-10-16 CVE-2019-2989 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking).
network
high complexity
oracle redhat netapp
6.8