Banking Extensibility Workbench@14.4.0 Security Vulnerabilities and Issues — Banking Extensibility Workbench@14.4.0 CVE List

Lucene search

OracleBanking Extensibility Workbench14.4.0

5 matches found

CVE•added 2020/03/12 7:15 p.m.•762 views

CVE-2020-10531

An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp.

8.8CVSS8.7AI score0.0064EPSS

CVE•added 2020/06/03 11:15 p.m.•635 views

CVE-2020-11080

In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. The attack causes th...

7.5CVSS6.5AI score0.00741EPSS

CVE•added 2019/07/26 12:15 a.m.•520 views

CVE-2019-10744

Versions of lodash lower than 4.17.12 are vulnerable to Prototype Pollution. The function defaultsDeep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.

9.1CVSS8.9AI score0.0341EPSS

CVE•added 2020/07/24 10:15 p.m.•359 views

CVE-2020-8174

napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0.

9.3CVSS8.1AI score0.01274EPSS

CVE•added 2020/06/08 2:15 p.m.•167 views

CVE-2020-8172

TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.

7.4CVSS7.4AI score0.01016EPSS