Latest oracle agile product lifecycle management Vulnerabilities

● CVE-2021-41165

### Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. ### Impact A potential vulnerability has been discovered ...

Ckeditor Ckeditor<4.17.0

Drupal Drupal>=8.9.0<8.9.20

Drupal Drupal>=9.1.0<9.1.14

Drupal Drupal>=9.2.0<9.2.9

Oracle Agile Product Lifecycle Management=9.3.6

Oracle Application Express<22.1

and 19 more

● CVE-2020-1935

Apache Tomcat is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual Transfer-Encoding HTTP header. By sending a specially-crafted request, an attacker could exploit this vuln...

redhat/tomcat<0:7.0.76-16.el7_9

redhat/tomcat<0:7.0.76-11.el7_6

redhat/tomcat<0:7.0.76-12.el7_7

redhat/tomcat7<0:7.0.70-41.ep7.el6

redhat/tomcat8<0:8.0.36-45.ep7.el6

redhat/tomcat7<0:7.0.70-41.ep7.el7

and 75 more

● CVE-2018-11040

Pivotal Spring Framework could allow a remote attacker to bypass security restrictions, caused by a flaw in AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView. By sending...

IBM GDE<=3.0.0.2

maven/org.springframework:spring-core>=4.3.0<4.3.18

maven/org.springframework:spring-core>=5.0.0<5.0.7

VMware Spring Framework<4.3.18

VMware Spring Framework>=5.0.0<5.0.7

Oracle Agile Product Lifecycle Management=9.3.3

and 50 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.