Oracle NoDQL Database 20.3

CPE Details

Oracle NoDQL Database 20.3
oracle
nosql_database
20.3
2021-06-15
15h16 +00:00
2021-07-06
14h25 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:nosql_database:20.3:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

nosql_database

Version

20.3

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-21409 2021-03-30 13h05 +00:00 Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the request only uses a single Http2HeaderFrame with the endStream set to to true. This could lead to request smuggling if the request is proxied to a remote peer and translated to HTTP/1.1. This is a followup of GHSA-wm47-8v5p-wjpj/CVE-2021-21295 which did miss to fix this one case. This was fixed as part of 4.1.61.Final.
5.9
Medium
CVE-2019-10219 2019-11-08 13h46 +00:00 A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
6.1
Medium