Communications Application Session Controller Security Vulnerabilities and Issues — Communications Application Session Controller CVE List

Lucene search

OracleCommunications Application Session Controller

3 matches found

CVE•added 2018/10/04 1:29 p.m.•663 views

CVE-2018-11784

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated to any URI of the a...

4.3CVSS5.1AI score0.86748EPSS

CVE•added 2018/07/09 8:29 p.m.•242 views

CVE-2018-1000613

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deseri...

9.8CVSS8.6AI score0.06209EPSS

CVE•added 2018/06/05 1:29 p.m.•185 views

CVE-2018-1000180

Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta ...

7.5CVSS7.1AI score0.00221EPSS