Utilities Advanced Spatial Operational Analytics Oracle Utilities Advanced Spatial Operational Analytics

Do you want an email whenever new security vulnerabilities are reported in Oracle Utilities Advanced Spatial Operational Analytics?

By the Year

In 2022 there have been 0 vulnerabilities in Oracle Utilities Advanced Spatial Operational Analytics . Utilities Advanced Spatial Operational Analytics did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 9.80
2018 2 9.80

It may take a day or so for new Utilities Advanced Spatial Operational Analytics vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Oracle Utilities Advanced Spatial Operational Analytics Security Vulnerabilities

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5

CVE-2018-11307 9.8 - Critical - July 09, 2019

An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.

Marshaling, Unmarshaling

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could

CVE-2017-7525 9.8 - Critical - February 06, 2018

A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

Denylist / Deny List

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could

CVE-2017-15095 9.8 - Critical - February 06, 2018

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.\

Marshaling, Unmarshaling

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent

CVE-2017-5645 9.8 - Critical - April 17, 2017

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

Marshaling, Unmarshaling

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Netty or by Oracle? Click the Watch button to subscribe.

Oracle
Vendor

subscribe