This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2018-04-26
Product Customer Management And Segmentation Foundation Last view 2020-01-03
Version 18.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:oracle:customer_management_and_segmentation_foundation

Activity : Overall

Related : CVE

  Date Alert Description
9.8 2020-01-03 CVE-2019-20330

FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.

9.8 2019-09-15 CVE-2019-16335

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

9.8 2019-09-15 CVE-2019-14540

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

7.3 2019-08-20 CVE-2019-10086

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by default characteristic of the PropertyUtilsBean.

5.9 2018-04-26 CVE-2018-10237

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

CWE : Common Weakness Enumeration

%idName
80% (4) CWE-502 Deserialization of Untrusted Data
20% (1) CWE-770 Allocation of Resources Without Limits or Throttling

Nessus® Vulnerability Scanner

id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-54a5bcc7e4.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-bf292e6cdf.nasl - Type: ACT_GATHER_INFO
2018-05-21 Name: The remote Fedora host is missing a security update.
File: fedora_2018-e4c2507720.nasl - Type: ACT_GATHER_INFO
2018-05-15 Name: The remote Fedora host is missing a security update.
File: fedora_2018-db8f322bb0.nasl - Type: ACT_GATHER_INFO