Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.5.0

CPE Details

Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.5.0
oracle
communications_cloud_native_core_security_edge_protection_proxy
1.5.0
2022-02-09
13h53 +00:00
2022-02-15
03h05 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:communications_cloud_native_core_security_edge_protection_proxy:1.5.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

communications_cloud_native_core_security_edge_protection_proxy

Version

1.5.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-34429 2021-07-15 15h00 +00:00 For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.
5.3
Medium
CVE-2021-33880 2021-06-06 12h05 +00:00 The aaugustin websockets library before 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with basic_auth_protocol_factory(credentials=...). An attacker may be able to guess a password via a timing attack.
5.9
Medium
CVE-2021-3326 2021-01-26 23h00 +00:00 The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.
7.5
High
CVE-2019-10219 2019-11-08 13h46 +00:00 A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
6.1
Medium