Lucene search

K
OracleRest Data Services19c

4 matches found

CVE
CVE
added 2020/04/29 9:15 p.m.6666 views

CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patch...

6.9CVSS7.2AI score0.21757EPSS
CVE
CVE
added 2019/04/20 12:29 a.m.2190 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.02394EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.33 views

CVE-2020-14745

Vulnerability in the Oracle REST Data Services product of Oracle REST Data Services (component: General). Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c; Standalone ORDS: prior to 20.2.1. Easily exploitable vulnerability allows low privileged attacker with networ...

4.3CVSS3.8AI score0.00197EPSS
CVE
CVE
added 2020/10/21 3:15 p.m.29 views

CVE-2020-14744

Vulnerability in the Oracle REST Data Services product of Oracle REST Data Services (component: General). Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c; Standalone ORDS: prior to 20.2.1. Easily exploitable vulnerability allows low privileged attacker with networ...

6.5CVSS6.4AI score0.00573EPSS