Policy Automation Security Vulnerabilities and Issues — Policy Automation CVE List

Lucene search

OraclePolicy Automation

3 matches found

CVE•added 2019/04/20 12:29 a.m.•2267 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.04527EPSS

In wild

CVE•added 2019/10/15 2:15 p.m.•300 views

CVE-2019-17195

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

9.8CVSS9.2AI score0.11339EPSS

CVE•added 2019/11/08 3:15 p.m.•260 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01412EPSS