Filtered by vendor Oracle
Subscribe
Filtered by product Financial Services Crime And Compliance Management Studio
Subscribe
Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-28500 | 3 Lodash, Oracle, Siemens | 19 Lodash, Banking Corporate Lending Process Management, Banking Credit Facilities Process Management and 16 more | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions. | |||||
CVE-2020-7712 | 2 Joyent, Oracle | 5 Json, Commerce Guided Search, Financial Services Crime And Compliance Management Studio and 2 more | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. |