Oracle Banking Supply Chain Finance 14.5
Approved changes feed: RSS · Atom
cpe:2.3:a:oracle:banking_supply_chain_finance:14.5:*:*:*:*:*:*:*
part: a version: 14.5 update: *
| Vendor | Oracle (3509f9eb-d8a0-57da-b153-b8021021b133) |
|---|---|
| Product | Banking Supply Chain Finance (c0fc34ba-2bdc-53a9-87e6-822e7d090ff8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-22963 |
vulnerable | 2026-06-03 14:46:25.821173 |
Details available
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Published: 2022-04-01T00:00:00.000Z
Updated: 2025-10-21T23:15:42.941Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36188 |
vulnerable | 2026-06-03 14:42:33.191895 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource.
Published: 2021-01-06T22:29:36.000Z
Updated: 2024-08-04T17:23:09.309Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36187 |
vulnerable | 2026-06-03 14:42:33.189679 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource.
Published: 2021-01-06T22:29:44.000Z
Updated: 2024-08-04T17:23:09.266Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36186 |
vulnerable | 2026-06-03 14:42:33.187615 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource.
Published: 2021-01-06T22:29:51.000Z
Updated: 2024-08-04T17:23:09.443Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36185 |
vulnerable | 2026-06-03 14:42:33.185525 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.
Published: 2021-01-06T22:29:59.000Z
Updated: 2024-08-04T17:23:09.472Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36184 |
vulnerable | 2026-06-03 14:42:33.183465 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.
Published: 2021-01-06T22:30:07.000Z
Updated: 2024-08-04T17:23:09.423Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36183 |
vulnerable | 2026-06-03 14:42:33.180320 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.
Published: 2021-01-06T22:30:15.000Z
Updated: 2024-08-04T17:23:09.407Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36182 |
vulnerable | 2026-06-03 14:42:33.178274 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.
Published: 2021-01-06T22:30:22.000Z
Updated: 2024-08-04T17:23:09.677Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36181 |
vulnerable | 2026-06-03 14:42:33.175101 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.
Published: 2021-01-06T22:29:19.000Z
Updated: 2024-08-04T17:23:09.306Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36180 |
vulnerable | 2026-06-03 14:42:33.151369 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.
Published: 2021-01-06T22:30:31.000Z
Updated: 2024-08-04T17:23:09.529Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-36179 |
vulnerable | 2026-06-03 14:42:33.148144 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.
Published: 2021-01-06T22:30:38.000Z
Updated: 2024-08-04T17:23:09.285Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-35728 |
vulnerable | 2026-06-03 14:42:32.244480 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
Published: 2020-12-27T04:32:36.000Z
Updated: 2025-08-27T20:33:46.507Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-26217 |
vulnerable | 2026-06-03 14:42:16.478967 |
Remote Code Execution in XStream
HIGH (8)
XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.
Published: 2020-11-16T21:00:18.000Z
Updated: 2024-08-04T15:49:07.258Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-24616 |
vulnerable | 2026-06-03 14:42:07.815481 |
Details available
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP).
Published: 2020-08-25T17:04:08.000Z
Updated: 2024-08-04T15:19:08.951Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-0228 |
vulnerable | 2026-06-03 14:39:18.880035 |
Details available
Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.
Published: 2019-04-17T14:07:34.000Z
Updated: 2024-08-04T17:44:15.952Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.