Customer Management And Segmentation Foundation Security Vulnerabilities and Issues — Customer Management And Segmentation Foundation CVE List

Lucene search

OracleCustomer Management And Segmentation Foundation

6 matches found

CVE•added 2019/08/20 9:15 p.m.•889 views

CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

7.5CVSS7.3AI score0.00262EPSS

CVE•added 2019/07/26 7:15 p.m.•560 views

CVE-2019-13990

initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via a job description.

9.8CVSS9AI score0.10416EPSS

CVE•added 2019/09/15 10:15 p.m.•518 views

CVE-2019-14540

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

9.8CVSS9.3AI score0.07984EPSS

CVE•added 2019/10/07 12:15 a.m.•355 views

CVE-2019-17267

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

9.8CVSS9.1AI score0.01357EPSS

CVE•added 2019/09/15 10:15 p.m.•254 views

CVE-2019-16335

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

9.8CVSS9.3AI score0.07984EPSS

CVE•added 2019/08/30 9:15 a.m.•203 views

CVE-2019-12402

The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.

7.5CVSS7.1AI score0.00382EPSS