Vulnerabilities > Oracle > Peoplesoft Enterprise Peopletools > 8.58
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-13 | CVE-2021-35515 | Infinite Loop vulnerability in multiple products When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. | 7.5 |
| 2021-07-13 | CVE-2021-35516 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
| 2021-07-13 | CVE-2021-35517 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
| 2021-07-13 | CVE-2021-36090 | When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
| 2021-05-19 | CVE-2021-3517 | Out-of-bounds Write vulnerability in multiple products There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. | 8.6 |
| 2021-05-18 | CVE-2021-3518 | Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. | 8.8 |
| 2021-05-14 | CVE-2021-3537 | NULL Pointer Dereference vulnerability in multiple products A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. | 5.9 |
| 2021-04-22 | CVE-2021-2219 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: SQR). | 6.5 |
| 2021-04-22 | CVE-2021-2216 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Multichannel Framework). network oracle | 5.8 |
| 2021-03-25 | CVE-2021-3450 | Improper Certificate Validation vulnerability in multiple products The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. | 7.4 |