Latest oracle webcenter portal Vulnerabilities

CVE-2021-45105
Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability
redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el8ea
redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el7ea
redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el7
redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el8
debian/apache-log4j2
debian/apache-log4j2<=2.16.0-1~deb10u1<=2.16.0-1<=2.16.0-1~deb11u1
and 217 more
CVE-2021-41165
### Affected packages The vulnerability has been discovered in the core HTML processing module and may affect all plugins used by CKEditor 4. ### Impact A potential vulnerability has been discovered ...
Ckeditor Ckeditor<4.17.0
Drupal Drupal>=8.9.0<8.9.20
Drupal Drupal>=9.1.0<9.1.14
Drupal Drupal>=9.2.0<9.2.9
Oracle Agile Product Lifecycle Management=9.3.6
Oracle Application Express<22.1
and 19 more
CVE-2021-41164
CKEditor4 is an open source WYSIWYG HTML editor. In affected versions a vulnerability has been discovered in the Advanced Content Filter (ACF) module and may affect all plugins used by CKEditor 4. The...
Ckeditor Ckeditor>=4.0<4.17.0
Drupal Drupal>=8.9.0<8.9.20
Drupal Drupal>=9.1.0<9.1.14
Drupal Drupal>=9.2.0<9.2.9
Oracle Banking Apis>=18.1<=18.3
Oracle Banking Apis=19.1
and 19 more
CVE-2021-37136
### Impact The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users o...
maven/io.netty:netty<4.0.0
maven/org.jboss.netty:netty<4.0.0
maven/io.netty:netty-codec<4.1.68.Final
Netty Netty<4.1.68
Quarkus Quarkus<2.2.4
Oracle Banking Apis>=18.1<=18.3
and 44 more
CVE-2021-37137
### Impact The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk ...
redhat/eap7-netty<0:4.1.72-4.Final_redhat_00001.1.el8ea
redhat/eap7-netty<0:4.1.72-4.Final_redhat_00001.1.el7ea
redhat/candlepin<0:4.1.15-1.el8
maven/io.netty:netty<4.0.0
maven/org.jboss.netty:netty<4.0.0
maven/io.netty:netty-codec>=4.0.0<4.1.68.Final
and 61 more
CVE-2021-39147
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39149
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39145
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39154
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39146
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39148
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39139
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39144
XStream Remote Code Execution Vulnerability
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
XStream XStream
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
and 34 more
CVE-2021-39151
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39152
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicl...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39140
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to allocate 100% CPU time on the target system depending on ...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39150
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to request data from internal resources that are not publicl...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 33 more
CVE-2021-39141
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-39153
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker to load and execute arbitrary code from a remote host only b...
redhat/xstream<0:1.3.1-16.el7_9
debian/libxstream-java
redhat/xstream<1.4.18
Xstream Project Xstream<1.4.18
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 27 more
CVE-2021-37714
jsoup is a Java library for working with HTML. Those using jsoup versions prior to 1.14.2 to parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user supplied input, ...
redhat/eap7-apache-cxf<0:3.3.12-1.redhat_00001.1.el6ea
redhat/eap7-ironjacamar<0:1.5.3-1.Final_redhat_00001.1.el6ea
redhat/eap7-jakarta-el<0:3.0.3-3.redhat_00007.1.el6ea
redhat/eap7-jboss-ejb-client<0:4.0.43-1.Final_redhat_00001.1.el6ea
redhat/eap7-jboss-server-migration<0:1.7.2-10.Final_redhat_00011.1.el6ea
redhat/eap7-jsoup<0:1.14.2-1.redhat_00002.1.el6ea
and 55 more
CVE-2021-36090
A flaw was found in apache-commons-compress. When reading a specially crafted ZIP archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This fla...
redhat/apache-commons-compress<0:1.21-1.2.el8e
IBM Cloud Pak System<=V2.3.0 - V2.3.3.3 Interim Fix 1
redhat/apache-commons-compress<1.21
Apache Commons Compress>=1.0<1.21
Oracle Banking Apis>=18.1<=18.3
Oracle Banking Apis=19.1
and 69 more
CVE-2021-35517
A flaw was found in apache-commons-compress. When reading a specially crafted TAR archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for small inputs. This fla...
redhat/apache-commons-compress<0:1.21-1.2.el8e
redhat/apache-commons-compress<1.21
Apache Commons Compress>=1.1<=1.20
Netapp Active Iq Unified Manager Linux
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Active Iq Unified Manager Windows
and 50 more
CVE-2021-35516
A flaw was found in apache-commons-compress. When reading a specially crafted 7Z archive, Compress can allocate large amounts of memory that leads to an out-of-memory error for very small inputs. This...
redhat/apache-commons-compress<0:1.21-1.2.el8e
redhat/apache-commons-compress<1.21
Apache Commons Compress>=1.6<=1.20
Netapp Active Iq Unified Manager Linux
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Active Iq Unified Manager Windows
and 43 more
CVE-2021-29505
XStream is software for serializing Java objects to XML and back again. A vulnerability in XStream versions prior to 1.4.17 may allow a remote attacker has sufficient rights to execute commands of the...
redhat/xstream<0:1.3.1-14.el7_9
debian/libxstream-java
redhat/xstream<1.4.17
Xstream Project Xstream<1.4.17
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 37 more
CVE-2021-29425
Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the FileNameUtils.normalize method. An attacker could send a specially-cra...
redhat/eap7-apache-commons-io<0:2.10.0-1.redhat_00001.1.el6ea
redhat/eap7-hal-console<0:3.2.16-1.Final_redhat_00001.1.el6ea
redhat/eap7-hibernate<0:5.3.20-4.SP2_redhat_00001.1.el6ea
redhat/eap7-ironjacamar<0:1.4.35-1.Final_redhat_00001.1.el6ea
redhat/eap7-jakarta-el<0:3.0.3-2.redhat_00006.1.el6ea
redhat/eap7-jberet<0:1.3.9-1.Final_redhat_00001.1.el6ea
and 185 more
CVE-2021-28657
A carefully crafted or corrupt file may trigger an infinite loop in Tika's MP3Parser up to and including Tika 1.25. Apache Tika users should upgrade to 1.26 or later.
Apache Tika<=1.25
Oracle Healthcare Foundation=7.3.0
Oracle Healthcare Foundation=8.0.0
Oracle Healthcare Foundation=8.1.0
Oracle Primavera Unifier>=17.7<=17.12
Oracle Primavera Unifier=18.8
and 5 more
CVE-2021-21344
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code fr...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 32 more
CVE-2021-21348
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to occupy a thread that consumes maxi...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 30 more
CVE-2021-21342
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type informat...
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 28 more
CVE-2021-21349
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to request data from internal resourc...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 33 more
CVE-2021-21341
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is vulnerability which may allow a remote attacker to allocate 100% CPU time on the target...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 25 more
CVE-2021-21350
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by man...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 34 more
CVE-2021-21346
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code fr...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 33 more
CVE-2021-21347
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code fr...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 34 more
CVE-2021-21345
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker who has sufficient rights to execute ...
redhat/xstream<0:1.3.1-13.el7_9
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
and 32 more
CVE-2021-21351
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability may allow a remote attacker to load and execute arbitrary code from a r...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 30 more
CVE-2021-21343
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability where the processed stream at unmarshalling time contains type informat...
debian/libxstream-java
redhat/xstream<1.4.16
Xstream Project Xstream<1.4.16
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 29 more
CVE-2020-36180
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.6.7.5
maven/com.fasterxml.jackson.core:jackson-databind>=2.7.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
Netapp Cloud Backup
NetApp Service Level Manager
Debian Debian Linux=9.0
and 72 more
CVE-2020-36183
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.6.7.5
maven/com.fasterxml.jackson.core:jackson-databind>=2.7.00<2.9.10.8
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.0.0.<2.6.7.5
FasterXML jackson-databind>=2.7.0<2.9.10.8
Netapp Cloud Backup
and 72 more
CVE-2020-36182
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.6.7.5
maven/com.fasterxml.jackson.core:jackson-databind>=2.7.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.0.0<2.6.7.5
FasterXML jackson-databind>=2.7.0<2.9.10.8
Netapp Cloud Backup
and 72 more
CVE-2020-36181
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.6.7.5
maven/com.fasterxml.jackson.core:jackson-databind>=2.7.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
NetApp Service Level Manager
Debian Debian Linux=9.0
Oracle Agile PLM=9.3.6
and 71 more
CVE-2020-36179
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.6.7.5
maven/com.fasterxml.jackson.core:jackson-databind>=2.7.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
Netapp Cloud Backup
NetApp Service Level Manager
Debian Debian Linux=9.0
and 65 more
CVE-2020-36184
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
Netapp Cloud Backup
NetApp Service Level Manager
Debian Debian Linux=9.0
Oracle Agile PLM=9.3.6
and 71 more
CVE-2020-35728
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka em...
IBM Disconnected Log Collector<=v1.0 - v1.8.2
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<=2.9.10.7
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.9.0<2.9.10.8
Debian Debian Linux=9.0
NetApp Service Level Manager
and 62 more
CVE-2020-36188
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.6.7.5
maven/com.fasterxml.jackson.core:jackson-databind>=2.7.0<2.9.10.8
IBM Disconnected Log Collector<=v1.0 - v1.8.2
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.0.0<2.6.7.5
FasterXML jackson-databind>=2.7.0<2.9.10.8
and 73 more
CVE-2020-36189
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind<2.6.7.5
maven/com.fasterxml.jackson.core:jackson-databind>=2.7.0<2.9.10.8
IBM Disconnected Log Collector<=v1.0 - v1.8.2
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.0.0<2.6.7.5
FasterXML jackson-databind>=2.7.0<2.9.10.8
and 65 more
CVE-2020-36186
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.0.0<2.6.7.5
FasterXML jackson-databind>=2.7.0<2.9.10.8
Netapp Cloud Backup
NetApp Service Level Manager
and 71 more
CVE-2020-36187
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.0.0<2.6.7.5
FasterXML jackson-databind>=2.7.0<2.9.10.8
Netapp Cloud Backup
NetApp Service Level Manager
and 71 more
CVE-2020-36185
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity...
maven/com.fasterxml.jackson.core:jackson-databind>=2.0.0<2.9.10.8
redhat/jackson-databind<2.9.10.8
FasterXML jackson-databind>=2.0.0<2.6.7.5
FasterXML jackson-databind>=2.7.0<2.9.10.8
Netapp Cloud Backup
NetApp Service Level Manager
and 71 more
CVE-2020-28052
An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect pass...
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api=1.65
Bouncycastle Legion-of-the-bouncy-castle-java-crytography-api=1.66
Apache Karaf=4.3.2
Oracle Banking Corporate Lending Process Management=14.2.0
Oracle Banking Corporate Lending Process Management=14.3.0
Oracle Banking Corporate Lending Process Management=14.5.0
and 81 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203