Oracle Communications Metasolv Solution — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Communications Metasolv Solution, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2018-8013 — CVSS 9.8 (critical): In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the…
CVE-2022-23852 — CVSS 9.8 (critical): Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.
CVE-2021-2351 — CVSS 8.3 (high): Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2…
CVE-2020-11987 — CVSS 8.2 (high): Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a…
CVE-2019-17566 — CVSS 7.5 (high): Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a…
CVE-2019-10086 — CVSS 7.3 (high): In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to…
CVE-2020-1945 — CVSS 6.3 (medium): Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir…
CVE-2019-10219 — CVSS 6.1 (medium): A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of…