Vulnerabilities > Oracle > Http Server > 12.2.1.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-16 | CVE-2021-40438 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. | 9.0 |
| 2021-08-23 | CVE-2021-35940 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). | 7.1 |
| 2021-04-22 | CVE-2021-2315 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). network oracle | 5.8 |
| 2020-09-04 | CVE-2020-24977 | Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. | 6.5 |
| 2020-01-15 | CVE-2020-2545 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). | 5.0 |
| 2020-01-15 | CVE-2020-2530 | Unspecified vulnerability in Oracle Http Server 11.1.1.9.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). network oracle | 5.8 |
| 2019-11-08 | CVE-2019-10219 | Cross-site Scripting vulnerability in multiple products A vulnerability was found in Hibernate-Validator. | 6.1 |
| 2019-09-26 | CVE-2019-10082 | Use After Free vulnerability in multiple products In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the http/2 session handling could be made to read memory after being freed, during connection shutdown. | 9.1 |
| 2019-09-16 | CVE-2019-5482 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | 9.8 |
| 2019-07-23 | CVE-2019-2751 | Unspecified vulnerability in Oracle Http Server 12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OHS Config MBeans). network oracle | 4.3 |