Text Oracle Text

Do you want an email whenever new security vulnerabilities are reported in Oracle Text?

By the Year

In 2021 there have been 2 vulnerabilities in Oracle Text with an average score of 5.2 out of ten. Last year Text had 1 security vulnerability published. That is, 1 more vulnerability have already been reported in 2021 as compared to last year. Last year, the average CVE base score was greater by 2.95

Year Vulnerabilities Average Score
2021 2 5.15
2020 1 8.10
2019 0 0.00
2018 1 8.20

It may take a day or so for new Text vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Oracle Text Security Vulnerabilities

Vulnerability in the Oracle Text component of Oracle Database Server

CVE-2021-2328 7.2 - High - July 21, 2021

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Alter Any Table privilege with network access via Oracle Net to compromise Oracle Text. Successful attacks of this vulnerability can result in takeover of Oracle Text. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Vulnerability in the Oracle Text component of Oracle Database Server

CVE-2021-2045 3.1 - Low - January 20, 2021

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Text. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Text. CVSS 3.1 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L).

Vulnerability in the Oracle Text component of Oracle Database Server

CVE-2020-14734 8.1 - High - October 21, 2020

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Oracle Text. Successful attacks of this vulnerability can result in takeover of Oracle Text. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Vulnerability in the Oracle Text component of Oracle Database Server

CVE-2018-3299 8.2 - High - October 17, 2018

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Text. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Text, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Text as well as unauthorized update, insert or delete access to some of Oracle Text accessible data. CVSS 3.0 Base Score 8.2 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:H).

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Oracle Text or by Oracle? Click the Watch button to subscribe.

Oracle
Vendor

Oracle Text
Product

subscribe