Known Vulnerabilities for Communications Converged Application Server - Service Controller by Oracle

Listed below are 6 of the newest known vulnerabilities associated with "Communications Converged Application Server - Service Controller" by "Oracle".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2021-29425	In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../f...	4.8 - MEDIUM	2021-04-13	2023-11-07
CVE-2020-27218	In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if ...	4.8 - MEDIUM	2020-11-28	2023-11-07
CVE-2020-27216	In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, o...	7 - HIGH	2020-10-23	2023-11-07
CVE-2019-10219	A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consi...	6.1 - MEDIUM	2019-11-08	2023-11-07
CVE-2018-15756	Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions...	7.5 - HIGH	2018-10-18	2023-11-07
CVE-2017-5645	In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from...	9.8 - CRITICAL	2017-04-17	2023-11-07

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Oracle	Communications Converged Application Server - Service Controller	6.1	All	All	All