Known Vulnerabilities for Communications Application Session Controller by Oracle
Listed below are 10 of the newest known vulnerabilities associated with "Communications Application Session Controller" by "Oracle".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-29425 json | In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../f... | 4.8 - MEDIUM | 2021-04-13 | 2023-11-07 |
| CVE-2021-2351 json | Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are... | 8.3 - HIGH | 2021-07-21 | 2023-10-23 |
| CVE-2020-28052 json | An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method ... | 8.1 - HIGH | 2020-12-18 | 2023-11-07 |
| CVE-2020-27216 json | In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, o... | 7 - HIGH | 2020-10-23 | 2023-11-07 |
| CVE-2020-11987 json | Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. B... | 8.2 - HIGH | 2021-02-24 | 2024-02-01 |
| CVE-2020-10683 json | dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attac... | 9.8 - CRITICAL | 2020-05-01 | 2023-11-07 |
| CVE-2020-9488 json | Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to ... | 3.7 - LOW | 2020-04-27 | 2023-11-07 |
| CVE-2020-5258 json | In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution ref... | 7.7 - HIGH | 2020-03-10 | 2023-11-07 |
| CVE-2019-17566 json | Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes... | 7.5 - HIGH | 2020-11-12 | 2024-01-07 |
| CVE-2019-11358 json | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of ... | 6.1 - MEDIUM | 2019-04-20 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Communications Application Session Controller | 3.9m0p1 | |||
| Application | Oracle | Communications Application Session Controller | 3.9.1 | |||
| Application | Oracle | Communications Application Session Controller | 3.9.0 | |||
| Application | Oracle | Communications Application Session Controller | 3.8m0 | |||
| Application | Oracle | Communications Application Session Controller | 3.8.0 | |||
| Application | Oracle | Communications Application Session Controller | 3.7.1 | |||
| Application | Oracle | Communications Application Session Controller | 3.7.0 | |||
| Application | Oracle | Communications Application Session Controller | 3.6.0 | |||
| Application | Oracle | Communications Application Session Controller | 3.0.0 |