Latest oracle health sciences empirica signal Vulnerabilities

● CVE-2021-45105

Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability

redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el8ea

redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el7ea

redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el7

redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el8

debian/apache-log4j2

debian/apache-log4j2<=2.16.0-1~deb10u1<=2.16.0-1<=2.16.0-1~deb11u1

and 217 more

● CVE-2020-36518

A flaw was found in the Jackson Databind package. This cause of the issue is due to a Java StackOverflow exception and a denial of service via a significant depth of nested objects.

debian/jackson-databind<=2.9.8-3+deb10u3

redhat/jackson-databind<0:2.14.1-2.el9

redhat/eap7-jackson-databind<0:2.12.6.1-1.redhat_00003.1.el8ea

redhat/eap7-jackson-databind<0:2.12.6.1-1.redhat_00003.1.el7ea

redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el7

redhat/rh-sso7-keycloak<0:15.0.8-1.redhat_00001.1.el8

and 88 more

● CVE-2020-1935

Apache Tomcat is vulnerable to HTTP request smuggling, caused by a flaw when handling unusual Transfer-Encoding HTTP header. By sending a specially-crafted request, an attacker could exploit this vuln...

redhat/tomcat<0:7.0.76-16.el7_9

redhat/tomcat<0:7.0.76-11.el7_6

redhat/tomcat<0:7.0.76-12.el7_7

redhat/tomcat7<0:7.0.70-41.ep7.el6

redhat/tomcat8<0:8.0.36-45.ep7.el6

redhat/tomcat7<0:7.0.70-41.ep7.el7

and 75 more

● CVE-2019-17569

redhat/jws5-tomcat<0:9.0.30-3.redhat_4.1.el6

redhat/jws5-tomcat-native<0:1.2.23-4.redhat_4.el6

redhat/jws5-tomcat<0:9.0.30-3.redhat_4.1.el7

redhat/jws5-tomcat-native<0:1.2.23-4.redhat_4.el7

redhat/jws5-tomcat<0:9.0.30-3.redhat_4.1.el8

redhat/jws5-tomcat-native<0:1.2.23-4.redhat_4.el8

and 30 more

● CVE-2020-1938

Apache Tomcat Improper Privilege Management Vulnerability

redhat/tomcat6<0:6.0.24-114.el6_10

redhat/tomcat<0:7.0.76-11.el7_7

redhat/tomcat<0:7.0.76-10.el7_6

redhat/jbossweb<0:7.5.30-2.Final_redhat_2.1.ep6.el5

redhat/glassfish-jsf12-eap6<0:1.2.15-11.b01_SP2_redhat_2.1.ep6.el5

redhat/hornetq<0:2.3.25-29.SP31_redhat_00001.1.ep6.el5

and 265 more

● CVE-2020-25649

A flaw was found in FasterXML Jackson Databind which did not have entity expansion secured properly making it vulnerable to XML external entity (XXE). This vulnerability is similar to <a href="https:...

redhat/eap7-jackson-databind<0:2.10.4-1.redhat_00002.1.el6ea

redhat/eap7-activemq-artemis<0:2.9.0-6.redhat_00016.1.el6ea

redhat/eap7-fge-btf<0:1.2.0-1.redhat_00007.1.el6ea

redhat/eap7-fge-msg-simple<0:1.1.0-1.redhat_00007.1.el6ea

redhat/eap7-hal-console<0:3.2.11-1.Final_redhat_00001.1.el6ea

redhat/eap7-hibernate-validator<0:6.0.21-1.Final_redhat_00001.1.el6ea

and 147 more

● CVE-2020-10683

dom4j could allow a remote authenticated attacker to obtain sensitive information, caused by an XML external entity (XXE) error when processing XML data. By sending specially crafted XML data, a remot...

redhat/eap7-dom4j<0:2.1.3-1.redhat_00001.1.el6ea

redhat/eap7-elytron-web<0:1.2.5-1.Final_redhat_00001.1.el6ea

redhat/eap7-glassfish-jsf<0:2.3.5-13.SP3_redhat_00011.1.el6ea

redhat/eap7-hal-console<0:3.0.23-1.Final_redhat_00001.1.el6ea

redhat/eap7-hibernate<0:5.3.17-1.Final_redhat_00001.1.el6ea

redhat/eap7-hibernate-validator<0:6.0.20-1.Final_redhat_00001.1.el6ea

and 204 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.