Retail Xstore Point OF Service

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-13	CVE-2021-29425	Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. network high complexity apache debian oracle netapp CWE-22	4.8
2021-03-23	CVE-2021-21351	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.1
2021-03-23	CVE-2021-21350	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8
2021-03-23	CVE-2021-21349	Deserialization of Untrusted Data vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-502	8.6
2021-03-23	CVE-2021-21348	Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-400	7.5
2021-03-23	CVE-2021-21347	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8
2021-03-23	CVE-2021-21346	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8
2021-03-23	CVE-2021-21345	OS Command Injection vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-78 critical	9.9
2021-03-23	CVE-2021-21344	Unrestricted Upload of File with Dangerous Type vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-434 critical	9.8
2021-03-23	CVE-2021-21343	External Control of File Name or Path vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. network low complexity netapp apache xstream debian fedoraproject oracle CWE-73	7.5