Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Oracle Subscribe
Filtered by product Communications Cloud Native Core Network Function Cloud Native Environment
Total 43 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3537 6 Debian, Fedoraproject, Netapp and 3 more 20 Debian Linux, Fedora, Active Iq Unified Manager and 17 more 2023-02-28 4.3 MEDIUM 5.9 MEDIUM
A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability.
CVE-2021-43396 2 Gnu, Oracle 7 Glibc, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Network Function Cloud Native Environment and 4 more 2023-02-24 5.0 MEDIUM 7.5 HIGH
** DISPUTED ** In iconvdata/iso-2022-jp-3.c in the GNU C Library (aka glibc) 2.34, remote attackers can force iconv() to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv() use cases. NOTE: the vendor states "the bug cannot be invoked through user input and requires iconv to be invoked with a NULL inbuf, which ought to require a separate application bug to do so unintentionally. Hence there's no security impact to the bug."
CVE-2020-25659 2 Oracle, Python-cryptography Project 2 Communications Cloud Native Core Network Function Cloud Native Environment, Python-cryptography 2023-02-08 4.3 MEDIUM 5.9 MEDIUM
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
CVE-2022-22965 5 Cisco, Oracle, Siemens and 2 more 38 Cx Cloud Agent, Commerce Platform, Communications Cloud Native Core Automated Test Suite and 35 more 2023-02-08 7.5 HIGH 9.8 CRITICAL
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
CVE-2020-1747 4 Fedoraproject, Opensuse, Oracle and 1 more 4 Fedora, Leap, Communications Cloud Native Core Network Function Cloud Native Environment and 1 more 2023-02-03 10.0 HIGH 9.8 CRITICAL
A vulnerability was discovered in the PyYAML library in versions before 5.3.1, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. An attacker could use this flaw to execute arbitrary code on the system by abusing the python/object/new constructor.
CVE-2020-27619 3 Fedoraproject, Oracle, Python 3 Fedora, Communications Cloud Native Core Network Function Cloud Native Environment, Python 2023-01-31 7.5 HIGH 9.8 CRITICAL
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
CVE-2020-26137 4 Canonical, Debian, Oracle and 1 more 5 Ubuntu Linux, Debian Linux, Communications Cloud Native Core Network Function Cloud Native Environment and 2 more 2023-01-31 6.4 MEDIUM 6.5 MEDIUM
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
CVE-2021-22947 7 Apple, Debian, Fedoraproject and 4 more 33 Macos, Debian Linux, Fedora and 30 more 2023-01-05 4.3 MEDIUM 5.9 MEDIUM
When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.
CVE-2021-22946 7 Apple, Debian, Fedoraproject and 4 more 36 Macos, Debian Linux, Fedora and 33 more 2023-01-05 5.0 MEDIUM 7.5 HIGH
A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network.
CVE-2021-33560 4 Debian, Fedoraproject, Gnupg and 1 more 8 Debian Linux, Fedora, Libgcrypt and 5 more 2022-12-06 5.0 MEDIUM 7.5 HIGH
Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
CVE-2020-36242 3 Cryptography Project, Fedoraproject, Oracle 3 Cryptography, Fedora, Communications Cloud Native Core Network Function Cloud Native Environment 2022-12-06 6.4 MEDIUM 9.1 CRITICAL
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.
CVE-2021-3177 5 Debian, Fedoraproject, Netapp and 2 more 10 Debian Linux, Fedora, Active Iq Unified Manager and 7 more 2022-12-06 7.5 HIGH 9.8 CRITICAL
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.
CVE-2020-14343 2 Oracle, Pyyaml 2 Communications Cloud Native Core Network Function Cloud Native Environment, Pyyaml 2022-12-06 10.0 HIGH 9.8 CRITICAL
A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing the python/object/new constructor. This flaw is due to an incomplete fix for CVE-2020-1747.
CVE-2022-23219 3 Debian, Gnu, Oracle 8 Debian Linux, Glibc, Communications Cloud Native Core Binding Support Function and 5 more 2022-11-08 7.5 HIGH 9.8 CRITICAL
The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution.
CVE-2022-24407 5 Cyrusimap, Debian, Fedoraproject and 2 more 8 Cyrus-sasl, Debian Linux, Fedora and 5 more 2022-11-07 6.5 MEDIUM 8.8 HIGH
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
CVE-2022-23308 6 Apple, Debian, Fedoraproject and 3 more 44 Ipados, Iphone Os, Mac Os X and 41 more 2022-11-02 4.3 MEDIUM 7.5 HIGH
valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.
CVE-2021-34798 8 Apache, Broadcom, Debian and 5 more 18 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 15 more 2022-10-28 5.0 MEDIUM 7.5 HIGH
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.
CVE-2021-3448 4 Fedoraproject, Oracle, Redhat and 1 more 4 Fedora, Communications Cloud Native Core Network Function Cloud Native Environment, Enterprise Linux and 1 more 2022-10-27 4.3 MEDIUM 4.0 MEDIUM
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries. An attacker on the network, able to find the outgoing port used by dnsmasq, only needs to guess the random transmission ID to forge a reply and get it accepted by dnsmasq. This flaw makes a DNS Cache Poisoning attack much easier. The highest threat from this vulnerability is to data integrity.
CVE-2021-36160 6 Apache, Broadcom, Debian and 3 more 13 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 10 more 2022-10-18 5.0 MEDIUM 7.5 HIGH
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
CVE-2022-22947 2 Oracle, Vmware 10 Commerce Guided Search, Communications Cloud Native Core Binding Support Function, Communications Cloud Native Core Console and 7 more 2022-10-17 6.8 MEDIUM 10.0 CRITICAL
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.