VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Retail Extract Transform AND Load
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2022-01-24
CVE-2022-23437
Infinite Loop vulnerability in multiple products
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads.
network
low complexity
apache
oracle
netapp
CWE-835
6.5
6.5
2021-07-14
CVE-2021-36373
When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs.
local
low complexity
apache
oracle
5.5
5.5
2021-07-14
CVE-2021-36374
When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts of memory that leads to an out of memory error, even for small inputs.
local
low complexity
apache
oracle
5.5
5.5
2020-05-14
CVE-2020-1945
Exposure of Resource to Wrong Sphere vulnerability in multiple products
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information.
local
high complexity
apache
canonical
fedoraproject
opensuse
oracle
CWE-668
6.3
6.3
2019-11-08
CVE-2019-10219
Cross-site Scripting vulnerability in multiple products
A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat
netapp
oracle
CWE-79
6.1
6.1