cpe:2.3:a:oracle:communications_webrtc_session_controller:7.2.1:*:*:*:*:*:*:*
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
Max CVSS
5.9
EPSS Score
96.67%
Published
2021-12-18
Updated
2022-10-06
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
Max CVSS
6.5
EPSS Score
0.23%
Published
2019-11-08
Updated
2022-09-12
2 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!