Vulnerabilities > Oracle > Webcenter Portal > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-14611 | Unspecified vulnerability in Oracle Webcenter Portal 12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Composer). | 8.6 |
| 2020-04-07 | CVE-2020-11612 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. | 7.5 |
| 2020-03-31 | CVE-2020-11113 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). | 8.8 |
| 2019-10-08 | CVE-2019-17359 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. | 7.5 |
| 2019-08-30 | CVE-2019-12402 | Infinite Loop vulnerability in multiple products The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. | 7.5 |
| 2019-05-01 | CVE-2019-0227 | Server-Side Request Forgery (SSRF) vulnerability in multiple products A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. | 7.5 |
| 2018-10-17 | CVE-2018-3246 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). | 7.5 |
| 2018-06-05 | CVE-2018-1000180 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. | 7.5 |
| 2018-01-18 | CVE-2018-2713 | Unspecified vulnerability in Oracle Webcenter Portal 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). | 8.2 |