Vulnerabilities > Oracle > Webcenter Portal
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-13 | CVE-2021-35516 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
2021-07-13 | CVE-2021-35517 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
2021-07-13 | CVE-2021-36090 | When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. | 7.5 |
2021-05-28 | CVE-2021-29505 | XStream is software for serializing Java objects to XML and back again. | 8.8 |
2021-04-13 | CVE-2021-29425 | Path Traversal vulnerability in multiple products In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value. | 4.8 |
2021-03-31 | CVE-2021-28657 | Infinite Loop vulnerability in multiple products A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. | 5.5 |
2021-03-23 | CVE-2021-21351 | XStream is a Java library to serialize objects to XML and back again. | 9.1 |
2021-03-23 | CVE-2021-21350 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
2021-03-23 | CVE-2021-21349 | XStream is a Java library to serialize objects to XML and back again. | 8.6 |
2021-03-23 | CVE-2021-21348 | Resource Exhaustion vulnerability in multiple products XStream is a Java library to serialize objects to XML and back again. | 7.5 |