| 2021-02-18 | CVE-2020-28491 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products
This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. | 7.5 |
| 2020-12-02 | CVE-2020-13956 | Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. | 5.3 |
| 2020-09-19 | CVE-2020-5421 | In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. | 6.5 |
| 2020-07-15 | CVE-2020-2967 | Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). | 7.5 |
| 2020-07-15 | CVE-2020-2966 | Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 5.4 |
| 2020-07-15 | CVE-2020-14687 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). network low complexity oracle critical | 9.8 |
| 2020-07-15 | CVE-2020-14652 | Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 6.5 |
| 2020-07-15 | CVE-2020-14645 | Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). network low complexity oracle critical | 9.8 |
| 2020-07-15 | CVE-2020-14644 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). network low complexity oracle critical | 9.8 |
| 2020-07-15 | CVE-2020-14640 | Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). | 6.1 |