Oracle Communications Instant Messaging Server 10.0.1.3.0

CPE Details

Oracle Communications Instant Messaging Server 10.0.1.3.0
oracle
communications_instant_messaging_server
10.0.1.3.0
2021-03-16
16h12 +00:00
2021-04-21
12h25 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

communications_instant_messaging_server

Version

10.0.1.3.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-14439 2019-07-30 08h49 +00:00 A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath.
7.5
High
CVE-2019-14379 2019-07-29 09h42 +00:00 SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution.
9.8
Critical
CVE-2018-14718 2019-01-02 17h00 +00:00 FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.
9.8
Critical
CVE-2017-5645 2017-04-17 19h00 +00:00 In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
9.8
Critical