Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Communications Element Manager
Total 68 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-14062 4 Debian, Fasterxml, Netapp and 1 more 13 Debian Linux, Jackson-databind, Active Iq Unified Manager and 10 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).
CVE-2020-14061 4 Debian, Fasterxml, Netapp and 1 more 15 Debian Linux, Jackson-databind, Active Iq Unified Manager and 12 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).
CVE-2020-14060 3 Fasterxml, Netapp, Oracle 12 Jackson-databind, Active Iq Unified Manager, Steelstore Cloud Integrated Storage and 9 more 2024-11-21 6.8 MEDIUM 8.1 HIGH
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).
CVE-2020-11998 2 Apache, Oracle 7 Activemq, Communications Diameter Signaling Router, Communications Element Manager and 4 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack: https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html "A remote client could create a javax.management.loading.MLet MBean and use it to create new MBeans from arbitrary URLs, at least if there is no security manager. In other words, a rogue remote client could make your Java application execute arbitrary code." Mitigation: Upgrade to Apache ActiveMQ 5.15.13
CVE-2020-11993 7 Apache, Canonical, Debian and 4 more 13 Http Server, Ubuntu Linux, Debian Linux and 10 more 2024-11-21 4.3 MEDIUM 7.5 HIGH
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers.
CVE-2020-11984 7 Apache, Canonical, Debian and 4 more 13 Http Server, Ubuntu Linux, Debian Linux and 10 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
CVE-2020-11655 7 Canonical, Debian, Netapp and 4 more 18 Ubuntu Linux, Debian Linux, Ontap Select Deploy Administration Utility and 15 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
CVE-2020-11113 4 Debian, Fasterxml, Netapp and 1 more 32 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 29 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).
CVE-2020-11112 4 Debian, Fasterxml, Netapp and 1 more 31 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 28 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
CVE-2020-11111 4 Debian, Fasterxml, Netapp and 1 more 25 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 22 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
CVE-2020-11023 7 Debian, Drupal, Fedoraproject and 4 more 55 Debian Linux, Drupal, Fedora and 52 more 2024-11-21 4.3 MEDIUM 6.9 MEDIUM
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-10969 4 Debian, Fasterxml, Netapp and 1 more 31 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 28 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
CVE-2020-10968 4 Debian, Fasterxml, Netapp and 1 more 31 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 28 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
CVE-2020-10673 4 Debian, Fasterxml, Netapp and 1 more 31 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 28 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).
CVE-2020-10672 4 Debian, Fasterxml, Netapp and 1 more 31 Debian Linux, Jackson-databind, Steelstore Cloud Integrated Storage and 28 more 2024-11-21 6.8 MEDIUM 8.8 HIGH
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).
CVE-2019-9517 12 Apache, Apple, Canonical and 9 more 25 Http Server, Traffic Server, Mac Os X and 22 more 2024-11-21 7.8 HIGH 7.5 HIGH
Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker opens the HTTP/2 window so the peer can send without constraint; however, they leave the TCP window closed so the peer cannot actually write (many of) the bytes on the wire. The attacker then sends a stream of requests for a large response object. Depending on how the servers queue the responses, this can consume excess memory, CPU, or both.
CVE-2019-17573 2 Apache, Oracle 7 Cxf, Commerce Guided Search, Communications Element Manager and 4 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable.
CVE-2019-12423 2 Apache, Oracle 8 Cxf, Commerce Guided Search, Communications Diameter Signaling Router and 5 more 2024-11-21 4.3 MEDIUM 7.5 HIGH
Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all.
CVE-2019-12402 3 Apache, Fedoraproject, Oracle 19 Commons Compress, Fedora, Banking Payments and 16 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
CVE-2019-11358 11 Backdropcms, Debian, Drupal and 8 more 105 Backdrop, Debian Linux, Drupal and 102 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.