Known Vulnerabilities for Fusion Middleware by Oracle
Listed below are 10 of the newest known vulnerabilities associated with "Fusion Middleware" by "Oracle".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-2351 | Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are... | 8.3 - HIGH | 2021-07-21 | 2023-10-23 |
| CVE-2020-14750 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that... | 9.8 - CRITICAL | 2020-11-02 | 2022-07-01 |
| CVE-2020-10683 | dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attac... | 9.8 - CRITICAL | 2020-05-01 | 2023-11-07 |
| CVE-2020-5421 | In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, t... | 6.5 - MEDIUM | 2020-09-19 | 2023-11-07 |
| CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consi... | 6.1 - MEDIUM | 2019-11-08 | 2023-11-07 |
| CVE-2019-10086 | In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an att... | 7.3 - HIGH | 2019-08-20 | 2023-11-07 |
| CVE-2018-3109 | Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Su... | 6.5 - MEDIUM | 2018-08-02 | 2019-10-03 |
| CVE-2018-3108 | Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware (subcomponent: Oracle Notification Servic... | 6.5 - MEDIUM | 2018-08-02 | 2019-10-03 |
| CVE-2018-1305 | Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0... | 6.5 - MEDIUM | 2018-02-23 | 2023-12-08 |
| CVE-2018-1304 | The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.... | 5.9 - MEDIUM | 2018-02-28 | 2023-12-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Fusion Middleware | 9.2.4 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.5.4 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.5.3 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.5.2 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.5.1 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.5.0 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.4.1 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.4 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.3.7.0 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.3.5.0 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.3.2.0 | All | All | All |
| Application | Oracle | Fusion Middleware | 8.0 | update2_patch5 | All | All |
| Application | Oracle | Fusion Middleware | 7.6.2 | All | All | All |
| Application | Oracle | Fusion Middleware | 7.6.1 | All | All | All |
| Application | Oracle | Fusion Middleware | 7.5.2 | All | All | All |
| Application | Oracle | Fusion Middleware | 7.5.1.1 | All | All | All |
| Application | Oracle | Fusion Middleware | 7.5 | All | All | All |
| Application | Oracle | Fusion Middleware | 7.4.0 | All | All | All |
| Application | Oracle | Fusion Middleware | 7.0.3 | All | All | All |
| Application | Oracle | Fusion Middleware | 7.0.2 | All | All | All |