Vulnerabilities > Oracle > JD Edwards Enterpriseone Tools > 9.2.4.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-15 | CVE-2019-17195 | Improper Handling of Exceptional Conditions vulnerability in multiple products Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass. | 9.8 |
| 2019-08-20 | CVE-2019-10086 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. | 7.3 |