Oracle

Utilities Framework

37 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-36518

Exploit
  • EPSS 0.6%
  • Published 11.03.2022 07:15:07
  • Last modified 27.08.2025 21:15:36

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

5.9

CVE-2021-45105

Warning
  • EPSS 65.66%
  • Published 18.12.2021 12:15:07
  • Last modified 21.11.2024 06:31:58

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service wh...

8.5

CVE-2021-39152

Exploit
  • EPSS 67.83%
  • Published 23.08.2021 19:15:13
  • Last modified 23.05.2025 16:47:47

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed inp...

8.5

CVE-2021-39150

Exploit
  • EPSS 2.31%
  • Published 23.08.2021 19:15:12
  • Last modified 23.05.2025 16:48:02

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicly available only by manipulating the processed inp...

6.3

CVE-2021-39140

Exploit
  • EPSS 0.12%
  • Published 23.08.2021 19:15:10
  • Last modified 23.05.2025 16:50:34

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload r...

8.5

CVE-2021-39154

Exploit
  • EPSS 0.71%
  • Published 23.08.2021 18:15:13
  • Last modified 23.05.2025 16:47:35

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39153

Exploit
  • EPSS 0.68%
  • Published 23.08.2021 18:15:13
  • Last modified 23.05.2025 16:50:17

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream, if usin...

8.5

CVE-2021-39149

Exploit
  • EPSS 0.68%
  • Published 23.08.2021 18:15:12
  • Last modified 23.05.2025 16:50:01

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39141

Exploit
  • EPSS 81.84%
  • Published 23.08.2021 18:15:12
  • Last modified 23.05.2025 16:52:36

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user...

8.5

CVE-2021-39144

Warning Exploit
  • EPSS 94.41%
  • Published 23.08.2021 18:15:12
  • Last modified 23.05.2025 16:49:25

XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user...