Vulnerabilities > Oracle > Weblogic Server > 14.1.1.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-02-24 | CVE-2020-11987 | Server-Side Request Forgery (SSRF) vulnerability in multiple products Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. | 8.2 |
2021-02-23 | CVE-2021-27568 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products An issue was discovered in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 through 2.4. | 5.9 |
2021-02-18 | CVE-2020-28491 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products This affects the package com.fasterxml.jackson.dataformat:jackson-dataformat-cbor from 0 and before 2.11.4, from 2.12.0-rc1 and before 2.12.1. | 7.5 |
2021-01-20 | CVE-2021-2109 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 6.5 |
2021-01-20 | CVE-2021-2075 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples). | 7.5 |
2021-01-20 | CVE-2021-2033 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). | 4.0 |
2020-12-10 | CVE-2020-8908 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). | 3.3 |
2020-12-02 | CVE-2020-13956 | Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. | 5.3 |
2020-10-21 | CVE-2020-14883 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 9.0 |
2020-10-21 | CVE-2020-14882 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 10.0 |