5 matches found
CVE-2019-10086
In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We were, however, not using this characteristic of the PropertyUtilsBean by default.
CVE-2020-13956
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret a malformed authority component in request URIs passed to the library as a java.net.URI object and pick the wrong target host for request execution.
CVE-2017-18640
The Alias feature in SnakeYAML before 1.26 allows entity expansion during a load operation, a related issue to CVE-2003-1564.
CVE-2019-12402
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
CVE-2021-2218
Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of Oracle PeopleSoft (component: Health Center). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterpris...