Oracle SD-WAN Edge 9.1

CPE Details

Oracle SD-WAN Edge 9.1
oracle
sd-wan_edge
9.1
2021-12-02
16h19 +00:00
2021-12-02
21h36 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:sd-wan_edge:9.1:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

sd-wan_edge

Version

9.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-22965 2022-04-01 22h17 +00:00 A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
9.8
Critical
CVE-2022-22963 2022-04-01 00h00 +00:00 In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
9.8
Critical
CVE-2020-36518 2022-03-10 23h00 +00:00 jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
7.5
High
CVE-2021-42340 2021-10-14 17h55 +00:00 The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. The object introduced to collect metrics for HTTP upgrade connections was not released for WebSocket connections once the connection was closed. This created a memory leak that, over time, could lead to a denial of service via an OutOfMemoryError.
7.5
High
CVE-2021-33037 2021-07-12 12h55 +00:00 Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request smuggling when used with a reverse proxy. Specifically: - Tomcat incorrectly ignored the transfer encoding header if the client declared it would only accept an HTTP/1.0 response; - Tomcat honoured the identify encoding; and - Tomcat did not ensure that, if present, the chunked encoding was the final encoding.
5.3
Medium
CVE-2020-12723 2020-06-05 12h20 +00:00 regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
7.5
High
CVE-2020-10543 2020-06-05 11h17 +00:00 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
8.2
High
CVE-2019-10219 2019-11-08 13h46 +00:00 A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
6.1
Medium