Known Vulnerabilities for Communications Application Session Controller by Oracle
Listed below are 10 of the newest known vulnerabilities associated with "Communications Application Session Controller" by "Oracle".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-29425 | In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../f... | 4.8 - MEDIUM | 2021-04-13 | 2023-11-07 |
| CVE-2021-2351 | Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are... | 8.3 - HIGH | 2021-07-21 | 2023-10-23 |
| CVE-2020-28052 | An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method ... | 8.1 - HIGH | 2020-12-18 | 2023-11-07 |
| CVE-2020-27216 | In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, o... | 7 - HIGH | 2020-10-23 | 2023-11-07 |
| CVE-2020-11987 | Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. B... | 8.2 - HIGH | 2021-02-24 | 2024-02-01 |
| CVE-2020-11022 | In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing... | 6.1 - MEDIUM | 2020-04-29 | 2023-11-07 |
| CVE-2020-10683 | dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attac... | 9.8 - CRITICAL | 2020-05-01 | 2023-11-07 |
| CVE-2020-9488 | Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to ... | 3.7 - LOW | 2020-04-27 | 2023-11-07 |
| CVE-2020-5258 | In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution ref... | 7.7 - HIGH | 2020-03-10 | 2023-11-07 |
| CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consi... | 6.1 - MEDIUM | 2019-11-08 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Communications Application Session Controller | 3.9m0p1 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.9.1 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.9.0 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.8m0 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.8.0 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.7.1 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.7.0 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.6.0 | All | All | All |
| Application | Oracle | Communications Application Session Controller | 3.0.0 | All | All | All |