Banking Enterprise Default Management Security Vulnerabilities and Issues — Banking Enterprise Default Management CVE List

Lucene search

OracleBanking Enterprise Default Management

7 matches found

CVE•added 2021/03/23 12:15 a.m.•457 views

CVE-2021-21341

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of serv...

7.5CVSS8.5AI score0.29676EPSS

CVE•added 2021/03/23 12:15 a.m.•452 views

CVE-2021-21343

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type information to recreate the formerly written objects. XStream creates therefore new instances based on thes...

7.5CVSS7.1AI score0.00775EPSS

CVE•added 2021/07/13 8:15 a.m.•382 views

CVE-2021-36090

When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' zip package.

7.5CVSS7.5AI score0.00279EPSS

CVE•added 2021/03/23 12:15 a.m.•351 views

CVE-2021-21348

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maximum CPU time and will never return. No user is affected, who followed the recommendation to setup X...

7.8CVSS7.2AI score0.00199EPSS

CVE•added 2021/07/13 8:15 a.m.•301 views

CVE-2021-35515

When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. This could be used to mount a denial of service attack against services that use Compress' sevenz package.

7.5CVSS7.2AI score0.00119EPSS

CVE•added 2021/07/13 8:15 a.m.•297 views

CVE-2021-35517

When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package.

7.5CVSS7.5AI score0.00313EPSS

CVE•added 2021/07/13 8:15 a.m.•275 views

CVE-2021-35516

When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' sevenz package.

7.5CVSS7.3AI score0.00311EPSS