CPE Details
Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.9.0
1.9.0
2022-02-14
16h05 +00:00
16h05 +00:00
2022-02-15
03h05 +00:00
03h05 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:oracle:communications_cloud_native_core_network_function_cloud_native_environment:1.9.0:*:*:*:*:*:*:*
Informations
Vendor
oracleProduct
communications_cloud_native_core_network_function_cloud_native_environmentVersion
1.9.0Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP. | 7.5 |
High |
||
| A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity. | 4 |
Medium |
||
| A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. | 6.1 |
Medium |
