Oracle Communications Cloud Native Core Policy 1.5.0

CPE Details

Oracle Communications Cloud Native Core Policy 1.5.0
oracle
communications_cloud_native_core_policy
1.5.0
2021-09-15
23h52 +00:00
2021-09-20
14h07 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.5.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

communications_cloud_native_core_policy

Version

1.5.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-24553 2020-09-02 14h25 +00:00 Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.
6.1
Medium
CVE-2020-5398 2020-01-16 23h55 +00:00 In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input.
7.5
High
CVE-2017-9735 2017-06-16 19h00 +00:00 Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords.
7.5
High