Lucene search

Spatial Studio Security Vulnerabilities

cve

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.1CVSS

6AI Score

0.002EPSS

2019-11-08 03:15 PM

181

cve

CVE-2020-13956

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.

5.3CVSS

5.9AI Score

0.002EPSS

2020-12-02 05:15 PM

494

cve

CVE-2020-36518

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

7.5CVSS

7.4AI Score

0.002EPSS

2022-03-11 07:15 AM

351

cve

CVE-2020-7760

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vu...

7.5CVSS

6AI Score

0.017EPSS

2020-10-30 11:15 AM

121

cve

CVE-2021-2351

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. S...

8.3CVSS

8.5AI Score

0.013EPSS

2021-07-21 03:15 PM

165