Vulnerabilities > Oracle > Transportation Management
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-24 | CVE-2020-1938 | When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. | 9.8 |
| 2020-02-24 | CVE-2020-1935 | HTTP Request Smuggling vulnerability in multiple products In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. | 4.8 |
| 2020-02-24 | CVE-2019-17569 | HTTP Request Smuggling vulnerability in multiple products The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. | 4.8 |
| 2019-12-23 | CVE-2019-17563 | Session Fixation vulnerability in multiple products When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29, 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there was a narrow window where an attacker could perform a session fixation attack. | 7.5 |
| 2019-04-23 | CVE-2019-2709 | Unspecified vulnerability in Oracle Transportation Management 6.3.7/6.4.2/6.4.3 Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). | 6.1 |
| 2019-04-20 | CVE-2019-11358 | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. | 6.1 |
| 2019-01-16 | CVE-2019-2487 | Unspecified vulnerability in Oracle Transportation Management Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: UI Infrastructure). | 6.5 |
| 2018-04-19 | CVE-2018-2823 | Unspecified vulnerability in Oracle Transportation Management 6.4.3 Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database). | 6.5 |
| 2018-01-18 | CVE-2018-2662 | Unspecified vulnerability in Oracle Transportation Management Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). | 5.4 |
| 2018-01-18 | CVE-2018-2631 | Unspecified vulnerability in Oracle Transportation Management Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). | 4.3 |