CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal), if the calling code would use the result to construct a path value.

CVSS v3 4.8 MEDIUM
CVSS v2.0 5.8 MEDIUM

4.8^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

5.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://issues.apache.org/jira/browse/IO-556	Exploit Issue Tracking Vendor Advisory
https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3E
https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34%40%3Cdev.myfaces.apache.org%3E
https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e%40%3Cpluto-scm.portals.apache.org%3E
https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2%40%3Ccommits.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04%40%3Ccommits.pulsar.apache.org%3E
https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29%40%3Cissues.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31%40%3Cdev.commons.apache.org%3E
https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a%40%3Cuser.commons.apache.org%3E
https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80%40%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E	Mailing List Vendor Advisory
https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0%40%3Cpluto-dev.portals.apache.org%3E
https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af%40%3Cnotifications.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c%40%3Cdev.creadur.apache.org%3E
https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d%40%3Cdev.zookeeper.apache.org%3E
https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330%40%3Cdev.commons.apache.org%3E
https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20220210-0004/	Third Party Advisory
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujan2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html	Patch Third Party Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:commons_io:2.2:-::::::
	cpe:2.3:a:apache:commons_io:2.3:-::::::
	cpe:2.3:a:apache:commons_io:2.4:-::::::
	cpe:2.3:a:apache:commons_io:2.5:-::::::
	cpe:2.3:a:apache:commons_io:2.6:-::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:oracle:access_manager:11.1.2.3.0:::::::*
	cpe:2.3:a:oracle:access_manager:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:access_manager:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:::::::*
	cpe:2.3:a:oracle:agile_plm:9.3.6:::::::*
	cpe:2.3:a:oracle:application_performance_management:13.4.1.0:::::::*
	cpe:2.3:a:oracle:application_performance_management:13.5.1.0:::::::*
	cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::*
	cpe:2.3:a:oracle:banking_apis:18.1:::::::*
	cpe:2.3:a:oracle:banking_apis:18.2:::::::*
	cpe:2.3:a:oracle:banking_apis:18.3:::::::*
	cpe:2.3:a:oracle:banking_apis:19.1:::::::*
	cpe:2.3:a:oracle:banking_apis:19.2:::::::*
	cpe:2.3:a:oracle:banking_apis:20.1:::::::*
	cpe:2.3:a:oracle:banking_apis:21.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:17.2:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:18.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:18.3:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:19.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:19.2:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:20.1:::::::*
	cpe:2.3:a:oracle:banking_digital_experience:21.1:::::::*
	cpe:2.3:a:oracle:banking_enterprise_default_management:2.6.2:::::::*
	cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.0:::::::*
	cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:::::::*
	cpe:2.3:a:oracle:banking_enterprise_default_management:2.10.0:::::::*
	cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:::::::*
	cpe:2.3:a:oracle:banking_enterprise_default_managment::::::::
	cpe:2.3:a:oracle:banking_party_management:2.7.0:::::::*
	cpe:2.3:a:oracle:banking_platform::::::::
	cpe:2.3:a:oracle:banking_platform:2.6.2:::::::*
	cpe:2.3:a:oracle:banking_platform:2.7.0:::::::*
	cpe:2.3:a:oracle:banking_platform:2.7.1:::::::*
	cpe:2.3:a:oracle:blockchain_platform::::::::
	cpe:2.3:a:oracle:commerce_guided_search:11.3.2:::::::*
	cpe:2.3:a:oracle:communications_application_session_controller:3.9.0:::::::*
	cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:::::::*
	cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:::::::*
	cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:::::::*
	cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::*
	cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0:::::::*
	cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:::::::*
	cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:::::::*
	cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:::::::*
	cpe:2.3:a:oracle:communications_design_studio::::::::
	cpe:2.3:a:oracle:communications_design_studio:7.3.5:::::::*
	cpe:2.3:a:oracle:communications_diameter_intelligence_hub::::::::
	cpe:2.3:a:oracle:communications_diameter_intelligence_hub::::::::
	cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:::::::*
	cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:::::::*
	cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:::::::*
	cpe:2.3:a:oracle:communications_order_and_service_management:7.3:::::::*
	cpe:2.3:a:oracle:communications_order_and_service_management:7.4:::::::*
	cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:::::::*
	cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:::::::*
	cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:::::::*
	cpe:2.3:a:oracle:communications_service_broker:6.2:::::::*
	cpe:2.3:a:oracle:enterprise_communications_broker:3.3:::::::*
	cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:::::::*
	cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:::::::*
	cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure::::::::
	cpe:2.3:a:oracle:financial_services_model_management_and_governance::::::::
	cpe:2.3:a:oracle:flexcube_core_banking::::::::
	cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:::::::*
cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:::::::*
cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::*
cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:::::::*
cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:::::::*
cpe:2.3:a:oracle:health_sciences_information_manager::::::::
cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:::::::*
cpe:2.3:a:oracle:helidon:1.4.7:::::::*
cpe:2.3:a:oracle:helidon:2.2.0:::::::*
cpe:2.3:a:oracle:insurance_policy_administration:11.0.2:::::::*
cpe:2.3:a:oracle:insurance_policy_administration:11.1.0:::::::*
cpe:2.3:a:oracle:insurance_policy_administration:11.2.8:::::::*
cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:::::::*
cpe:2.3:a:oracle:insurance_policy_administration:11.3.1:::::::*
cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:::::::*
cpe:2.3:a:oracle:insurance_rules_palette:11.1.0:::::::*
cpe:2.3:a:oracle:insurance_rules_palette:11.2.8:::::::*
cpe:2.3:a:oracle:insurance_rules_palette:11.3.0:::::::*
cpe:2.3:a:oracle:insurance_rules_palette:11.3.1:::::::*
cpe:2.3:a:oracle:oss_support_tools::::::::
cpe:2.3:a:oracle:primavera_unifier::::::::
cpe:2.3:a:oracle:primavera_unifier:18.8:::::::*
cpe:2.3:a:oracle:primavera_unifier:19.12:::::::*
cpe:2.3:a:oracle:primavera_unifier:20.12:::::::*
cpe:2.3:a:oracle:primavera_unifier:21.12:::::::*
cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:::::::*
cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:::::::*
cpe:2.3:a:oracle:rest_data_services:::::-:::*
cpe:2.3:a:oracle:rest_data_services:21.3::::-:::
cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:::::::*
cpe:2.3:a:oracle:retail_integration_bus::::::::
cpe:2.3:a:oracle:retail_integration_bus:13.0:::::::*
cpe:2.3:a:oracle:retail_integration_bus:14.1.3.0:::::::*
cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:::::::*
cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:::::::*
cpe:2.3:a:oracle:retail_integration_bus:19.0.0:::::::*
cpe:2.3:a:oracle:retail_integration_bus:19.0.1:::::::*
cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::*
cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:::::::*
cpe:2.3:a:oracle:retail_order_broker:16.0:::::::*
cpe:2.3:a:oracle:retail_order_broker:18.0:::::::*
cpe:2.3:a:oracle:retail_order_broker:19.1:::::::*
cpe:2.3:a:oracle:retail_pricing:19.0.1:::::::*
cpe:2.3:a:oracle:retail_service_backbone::::::::
cpe:2.3:a:oracle:retail_service_backbone:14.1.3.0:::::::*
cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:::::::*
cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:::::::*
cpe:2.3:a:oracle:retail_service_backbone:19.0.0:::::::*
cpe:2.3:a:oracle:retail_service_backbone:19.0.1:::::::*
cpe:2.3:a:oracle:retail_size_profile_optimization:16.0.3:::::::*
cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:::::::*
cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:::::::*
cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:::::::*
cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:::::::*
cpe:2.3:a:oracle:solaris_cluster:4.0:::::::*
cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:::::::*
cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:::::::*
cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:::::::*
cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::*
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:::::::*
cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::*
cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::*

Configuration 4 (hide)

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows::

History

07 Nov 2023, 03:32

Type	Values Removed	Values Added
References	{'url': 'https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210518 [jira] [Commented] (WHISKER-19) Update commons-io to fix CVE-2021-29425', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E', 'name': '[pulsar-commits] 20210420 [GitHub] [pulsar] lhotari opened a new pull request #10287: [Security] Upgrade commons-io to address CVE-2021-29425', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210518 [jira] [Updated] (WHISKER-19) Update commons-io to fix CVE-2021-29425', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E', 'name': '[zookeeper-commits] 20210901 [zookeeper] branch master updated: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg commented on a change in pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210813 [GitHub] [zookeeper] eolivelli commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E', 'name': '[myfaces-dev] 20210504 [GitHub] [myfaces-tobago] lofwyr14 opened a new pull request #808: build: CVE fix', 'tags': ['Mailing List', 'Third Party Advisory', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E', 'name': '[kafka-users] 20210617 vulnerabilities', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E', 'name': '[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-789) Upgrade to commons-io-2.7 due to CVE-2021-29425', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E', 'name': '[zookeeper-issues] 20210805 [jira] [Updated] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210806 [GitHub] [zookeeper] nkalmar commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210621 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210518 [jira] [Created] (WHISKER-19) Update commons-io to fix CVE-2021-29425', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E', 'name': '[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-789) Upgrade to commons-io-2.7 due to CVE-2021-29425', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E', 'name': '[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-789 Upgrade to commons-io-2.7 due to CVE-2021-29425', 'tags': ['Mailing List', 'Patch', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210427 [jira] [Created] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210805 [GitHub] [zookeeper] ztzg opened a new pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.7 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210427 [jira] [Updated] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E', 'name': '[zookeeper-dev] 20210805 [jira] [Created] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210825 [GitHub] [zookeeper] eolivelli commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E', 'name': '[zookeeper-issues] 20210901 [jira] [Resolved] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E', 'name': '[commons-user] 20210709 commons-fileupload dependency and CVE', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210816 [GitHub] [zookeeper] nkalmar commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210816 [GitHub] [zookeeper] nkalmar edited a comment on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E', 'name': '[commons-user] 20210709 Re: commons-fileupload dependency and CVE', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210813 [GitHub] [zookeeper] eolivelli commented on a change in pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210825 [GitHub] [zookeeper] ztzg edited a comment on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210813 [GitHub] [zookeeper] ztzg commented on pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210518 [jira] [Assigned] (WHISKER-19) Update commons-io to fix CVE-2021-29425', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E', 'name': '[zookeeper-notifications] 20210901 [GitHub] [zookeeper] ztzg closed pull request #1735: ZOOKEEPER-4343: Bump commons-io to version 2.11 (avoids CVE-2021-29425)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E', 'name': '[zookeeper-issues] 20210805 [jira] [Created] (ZOOKEEPER-4343) OWASP Dependency-Check fails with CVE-2021-29425, commons-io-2.6', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E', 'name': '[commons-dev] 20210414 Re: [all] OSS Fuzz', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E', 'name': '[commons-dev] 20210415 Re: [all] OSS Fuzz', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210427 [jira] [Closed] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E', 'name': '[creadur-dev] 20210427 [jira] [Commented] (RAT-281) Update commons-io to fix CVE-2021-29425 Moderate severity', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E', 'name': '[pulsar-commits] 20210429 [pulsar] branch branch-2.7 updated: [Security] Upgrade commons-io to address CVE-2021-29425 (#10287)', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MLIST'} {'url': 'https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E', 'name': '[pulsar-commits] 20210420 [GitHub] [pulsar] merlimat merged pull request #10287: [Security] Upgrade commons-io to address CVE-2021-29425', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}	() https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0%40%3Cpluto-dev.portals.apache.org%3E - () https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80%40%3Cpluto-dev.portals.apache.org%3E - () https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d%40%3Cdev.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71%40%3Ccommits.pulsar.apache.org%3E - () https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2%40%3Cissues.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a%40%3Cuser.commons.apache.org%3E - () https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34%40%3Cdev.myfaces.apache.org%3E - () https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e%40%3Cpluto-scm.portals.apache.org%3E - () https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa%40%3Cuser.commons.apache.org%3E - () https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2%40%3Ccommits.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe%40%3Cusers.kafka.apache.org%3E - () https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330%40%3Cdev.commons.apache.org%3E - () https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29%40%3Cissues.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436%40%3Ccommits.pulsar.apache.org%3E - () https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31%40%3Cdev.commons.apache.org%3E - () https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19%40%3Cdev.creadur.apache.org%3E - () https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa%40%3Cnotifications.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b%40%3Cissues.zookeeper.apache.org%3E - () https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04%40%3Ccommits.pulsar.apache.org%3E - () https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51%40%3Cnotifications.zookeeper.apache.org%3E -

27 Oct 2022, 13:19

Type	Values Removed	Values Added
References	~~(N/A) https://www.oracle.com/security-alerts/cpujul2022.html -~~	(N/A) https://www.oracle.com/security-alerts/cpujul2022.html - Patch, Third Party Advisory
First Time		Oracle flexcube Core Banking Oracle retail Merchandising System Oracle retail Pricing Oracle agile Engineering Data Management Oracle retail Xstore Point Of Service Oracle health Sciences Data Management Workbench
CPE		cpe:2.3:a:oracle:retail_xstore_point_of_service:17.0.4:::::::* cpe:2.3:a:oracle:retail_xstore_point_of_service:19.0.2:::::::* cpe:2.3:a:oracle:health_sciences_data_management_workbench:3.0.0.0:::::::* cpe:2.3:a:oracle:agile_engineering_data_management:6.2.1.0:::::::* cpe:2.3:a:oracle:retail_xstore_point_of_service:18.0.3:::::::* cpe:2.3:a:oracle:flexcube_core_banking:5.2.0:::::::* cpe:2.3:a:oracle:flexcube_core_banking:11.10.0:::::::* cpe:2.3:a:oracle:retail_xstore_point_of_service:20.0.1:::::::* cpe:2.3:a:oracle:retail_pricing:19.0.1:::::::* cpe:2.3:a:oracle:retail_merchandising_system:16.0.3:::::::* cpe:2.3:a:oracle:flexcube_core_banking:::::::: cpe:2.3:a:oracle:retail_merchandising_system:19.0.1:::::::* cpe:2.3:a:oracle:health_sciences_data_management_workbench:2.5.2.1:::::::*

12 Sep 2022, 13:51

Type	Values Removed	Values Added
CPE	cpe:2.3:a:oracle:banking_enterprise_default_managment:2.12.0:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.10.0:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.7.0:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.7.1:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.6.2:::::::*	cpe:2.3:a:oracle:banking_enterprise_default_management:2.6.2:::::::* cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.1:::::::* cpe:2.3:a:oracle:banking_enterprise_default_management:2.10.0:::::::* cpe:2.3:a:oracle:banking_enterprise_default_management:2.12.0:::::::* cpe:2.3:a:oracle:banking_enterprise_default_management:2.7.0:::::::*
First Time		Oracle banking Enterprise Default Management

25 Jul 2022, 18:15

Type	Values Removed	Values Added
References		(N/A) https://www.oracle.com/security-alerts/cpujul2022.html -

12 May 2022, 14:05

Type	Values Removed	Values Added
References	~~(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -~~	(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html - Patch, Third Party Advisory
First Time		Oracle communications Diameter Intelligence Hub Oracle agile Plm Oracle healthcare Data Repository Oracle health Sciences Information Manager Oracle rest Data Services Oracle communications Contacts Server Oracle communications Pricing Design Center Oracle communications Order And Service Management Oracle communications Design Studio Oracle communications Policy Management Oracle insurance Rules Palette Oracle blockchain Platform Oracle webcenter Portal Oracle insurance Policy Administration Oracle communications Cloud Native Core Policy Oracle helidon Oracle solaris Cluster
CPE		cpe:2.3:a:oracle:communications_contacts_server:8.0.0.6.0:::::::* cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:::::::* cpe:2.3:a:oracle:insurance_rules_palette:11.2.8:::::::* cpe:2.3:a:oracle:insurance_policy_administration:11.2.8:::::::* cpe:2.3:a:oracle:communications_order_and_service_management:7.3:::::::* cpe:2.3:a:oracle:insurance_policy_administration:11.3.0:::::::* cpe:2.3:a:oracle:health_sciences_information_manager:::::::: cpe:2.3:a:oracle:helidon:1.4.7:::::::* cpe:2.3:a:oracle:solaris_cluster:4.0:::::::* cpe:2.3:a:oracle:insurance_policy_administration:11.3.1:::::::* cpe:2.3:a:oracle:insurance_rules_palette:11.3.1:::::::* cpe:2.3:a:oracle:webcenter_portal:12.2.1.4.0:::::::* cpe:2.3:a:oracle:agile_plm:9.3.6:::::::* cpe:2.3:a:oracle:communications_diameter_intelligence_hub:::::::: cpe:2.3:a:oracle:communications_design_studio:7.3.5:::::::* cpe:2.3:a:oracle:communications_order_and_service_management:7.4:::::::* cpe:2.3:a:oracle:rest_data_services:21.3::::-::: cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.14.0:::::::* cpe:2.3:a:oracle:communications_design_studio:::::::: cpe:2.3:a:oracle:blockchain_platform:::::::: cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.5.0:::::::* cpe:2.3:a:oracle:healthcare_data_repository:8.1.0:::::::* cpe:2.3:a:oracle:insurance_policy_administration:11.0.2:::::::* cpe:2.3:a:oracle:communications_policy_management:12.5.0.0.0:::::::* cpe:2.3:a:oracle:insurance_rules_palette:11.0.2:::::::* cpe:2.3:a:oracle:insurance_rules_palette:11.1.0:::::::* cpe:2.3:a:oracle:helidon:2.2.0:::::::* cpe:2.3:a:oracle:insurance_policy_administration:11.1.0:::::::* cpe:2.3:a:oracle:insurance_rules_palette:11.3.0:::::::* cpe:2.3:a:oracle:rest_data_services:::::-:::* cpe:2.3:a:oracle:communications_pricing_design_center:12.0.0.4.0:::::::*

20 Apr 2022, 00:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpuapr2022.html -

12 Apr 2022, 17:00

Type	Values Removed	Values Added
CPE	cpe:2.3:a:apache:zookeeper:3.8.0:::::::* cpe:2.3:a:apache:whisker:::::::: cpe:2.3:a:apache:pluto:::::::: cpe:2.3:a:apache:whisker:0.2:::::::*

05 Apr 2022, 21:08

Type	Values Removed	Values Added
First Time		Oracle utilities Testing Accelerator Oracle application Performance Management Oracle retail Integration Bus Netapp Oracle access Manager Oracle communications Interactive Session Recorder Oracle banking Apis Oracle fusion Middleware Mapviewer Oracle banking Digital Experience Oracle retail Order Broker Oracle application Testing Suite Oracle enterprise Session Border Controller Oracle financial Services Analytical Applications Infrastructure Oracle retail Assortment Planning Oracle commerce Guided Search Oracle communications Offline Mediation Controller Oracle retail Service Backbone Oracle real User Experience Insight Netapp active Iq Unified Manager Oracle communications Billing And Revenue Management Elastic Charging Engine Oracle retail Size Profile Optimization Oracle communications Convergence Oracle oss Support Tools Oracle communications Cloud Native Core Network Repository Function Oracle banking Party Management Oracle enterprise Communications Broker Oracle primavera Unifier Oracle communications Service Broker Oracle banking Enterprise Default Managment Oracle financial Services Model Management And Governance Oracle communications Cloud Native Core Unified Data Repository Oracle banking Platform
CPE	cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:::::::* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::* cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::* cpe:2.3:a:oracle:documaker:::::::: cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:::::::* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::* cpe:2.3:a:oracle:primavera_gateway:::::::: cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:::::::: cpe:2.3:o:oracle:communications_messaging_server:8.1:::::::* cpe:2.3:a:oracle:hyperion_financial_management:11.1.2.4:::::::* cpe:2.3:a:oracle:hyperion_financial_management:11.2.6.0:::::::* cpe:2.3:a:oracle:real-time_decision_server:3.2.0.0:::::::*	cpe:2.3:a:oracle:banking_apis:19.1:::::::* cpe:2.3:a:oracle:retail_service_backbone:19.0.0:::::::* cpe:2.3:a:oracle:banking_platform:2.7.1:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.6.2:::::::* cpe:2.3:a:oracle:banking_apis:18.2:::::::* cpe:2.3:a:oracle:communications_cloud_native_core_network_repository_function:1.14.0:::::::* cpe:2.3:a:oracle:retail_service_backbone:14.1.3.0:::::::* cpe:2.3:a:oracle:communications_interactive_session_recorder:6.4:::::::* cpe:2.3:a:oracle:banking_digital_experience:18.1:::::::* cpe:2.3:a:oracle:retail_size_profile_optimization:16.0.3:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:::::::: cpe:2.3:a:oracle:real_user_experience_insight:13.4.1.0:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.7.0:::::::* cpe:2.3:a:oracle:communications_service_broker:6.2:::::::* cpe:2.3:a:oracle:access_manager:12.2.1.4.0:::::::* cpe:2.3:a:oracle:enterprise_session_border_controller:8.4:::::::* cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:::::::: cpe:2.3:a:oracle:primavera_unifier:21.12:::::::* cpe:2.3:a:oracle:banking_digital_experience:21.1:::::::* cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:11.3:::::::* cpe:2.3:a:oracle:retail_service_backbone:14.1.3.2:::::::* cpe:2.3:a:oracle:primavera_unifier:20.12:::::::* cpe:2.3:a:oracle:banking_digital_experience:19.2:::::::* cpe:2.3:a:oracle:retail_integration_bus:14.1.3.2:::::::* cpe:2.3:a:oracle:banking_apis:18.3:::::::* cpe:2.3:a:oracle:oss_support_tools:::::::: cpe:2.3:a:netapp:active_iq_unified_manager:-:::::windows:: cpe:2.3:a:oracle:communications_offline_mediation_controller:12.0.0.3:::::::* cpe:2.3:a:oracle:primavera_unifier:18.8:::::::* cpe:2.3:a:oracle:primavera_unifier:19.12:::::::* cpe:2.3:a:oracle:application_performance_management:13.5.1.0:::::::* cpe:2.3:a:oracle:retail_integration_bus:::::::: cpe:2.3:a:oracle:communications_interactive_session_recorder:6.3:::::::* cpe:2.3:a:oracle:retail_integration_bus:14.1.3.0:::::::* cpe:2.3:a:oracle:real_user_experience_insight:13.5.1.0:::::::* cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.2.2:::::::* cpe:2.3:a:oracle:primavera_unifier:::::::: cpe:2.3:a:oracle:banking_apis:19.2:::::::* cpe:2.3:a:oracle:banking_platform:::::::: cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:::::::* cpe:2.3:a:oracle:retail_order_broker:19.1:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.7.1:::::::* cpe:2.3:a:oracle:banking_apis:18.1:::::::* cpe:2.3:a:oracle:communications_convergence:3.0.2.2.0:::::::* cpe:2.3:a:oracle:access_manager:11.1.2.3.0:::::::* cpe:2.3:a:oracle:financial_services_model_management_and_governance:::::::: cpe:2.3:a:oracle:retail_service_backbone:15.0.3.1:::::::* cpe:2.3:a:oracle:banking_platform:2.7.0:::::::* cpe:2.3:a:oracle:retail_order_broker:16.0:::::::* cpe:2.3:a:oracle:banking_party_management:2.7.0:::::::* cpe:2.3:a:oracle:commerce_guided_search:11.3.2:::::::* cpe:2.3:a:netapp:active_iq_unified_manager:-:::::linux:: cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.4.0:::::::* cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere:: cpe:2.3:a:oracle:retail_service_backbone:::::::: cpe:2.3:a:oracle:retail_integration_bus:13.0:::::::* cpe:2.3:a:oracle:access_manager:12.2.1.3.0:::::::* cpe:2.3:a:oracle:communications_cloud_native_core_unified_data_repository:1.4.0:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.10.0:::::::* cpe:2.3:a:oracle:retail_service_backbone:19.0.1:::::::* cpe:2.3:a:oracle:retail_integration_bus:15.0.3.1:::::::* cpe:2.3:a:oracle:banking_apis:21.1:::::::* cpe:2.3:a:oracle:banking_enterprise_default_managment:2.12.0:::::::* cpe:2.3:a:oracle:banking_apis:20.1:::::::* cpe:2.3:a:oracle:retail_assortment_planning:16.0.3:::::::* cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:::::::* cpe:2.3:a:oracle:banking_platform:2.6.2:::::::* cpe:2.3:a:oracle:enterprise_communications_broker:3.3:::::::* cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:12.0:::::::* cpe:2.3:a:oracle:retail_integration_bus:19.0.0:::::::* cpe:2.3:a:oracle:retail_integration_bus:19.0.1:::::::* cpe:2.3:a:oracle:application_performance_management:13.4.1.0:::::::* cpe:2.3:a:oracle:banking_digital_experience:19.1:::::::* cpe:2.3:a:oracle:banking_digital_experience:17.2:::::::* cpe:2.3:a:oracle:banking_digital_experience:20.1:::::::* cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.1.1:::::::* cpe:2.3:a:oracle:retail_order_broker:18.0:::::::* cpe:2.3:a:oracle:banking_digital_experience:18.3:::::::* cpe:2.3:a:oracle:utilities_testing_accelerator:6.0.0.3.1:::::::* cpe:2.3:a:oracle:enterprise_session_border_controller:9.0:::::::*
References	~~(CONFIRM) https://security.netapp.com/advisory/ntap-20220210-0004/ -~~	(CONFIRM) https://security.netapp.com/advisory/ntap-20220210-0004/ - Third Party Advisory
References	~~(MISC) https://www.oracle.com/security-alerts/cpujan2022.html -~~	(MISC) https://www.oracle.com/security-alerts/cpujan2022.html - Patch, Third Party Advisory

10 Feb 2022, 10:15

Type	Values Removed	Values Added
References		(CONFIRM) https://security.netapp.com/advisory/ntap-20220210-0004/ -

07 Feb 2022, 16:15

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpujan2022.html -

29 Nov 2021, 19:38

Type	Values Removed	Values Added
CVSS	v2 : ~~5.0~~ v3 : ~~5.3~~	v2 : 5.8 v3 : 4.8
CPE		cpe:2.3:a:oracle:hyperion_financial_management:11.2.6.0:::::::* cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:::::::* cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.2:::::::* cpe:2.3:a:oracle:documaker:::::::: cpe:2.3:a:oracle:goldengate_application_adapters:19.1.0.0.0:::::::* cpe:2.3:a:oracle:real-time_decision_server:3.2.0.0:::::::* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::* cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:::::::* cpe:2.3:a:oracle:communications_application_session_controller:3.9.0:::::::* cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::* cpe:2.3:a:oracle:primavera_gateway:::::::: cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:::::::* cpe:2.3:o:oracle:communications_messaging_server:8.1:::::::* cpe:2.3:a:oracle:retail_customer_management_and_segmentation_foundation:::::::: cpe:2.3:a:oracle:hyperion_financial_management:11.1.2.4:::::::* cpe:2.3:a:oracle:communications_calendar_server:8.0.0.6.0:::::::* cpe:2.3:a:oracle:communications_metasolv_solution:6.3.1:::::::*
References	~~(MISC) https://www.oracle.com/security-alerts/cpuoct2021.html -~~	(MISC) https://www.oracle.com/security-alerts/cpuoct2021.html - Third Party Advisory

20 Oct 2021, 11:16

Type	Values Removed	Values Added
References		(MISC) https://www.oracle.com/security-alerts/cpuoct2021.html -

23 Sep 2021, 12:45

01 Sep 2021, 19:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r4050f9f6b42ebfa47a98cbdee4aabed4bb5fb8093db7dbb88faceba2@%3Ccommits.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r462db908acc1e37c455e11b1a25992b81efd18e641e7e0ceb1b6e046@%3Cnotifications.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r5149f78be265be69d34eacb4e4b0fc7c9c697bcdfa91a1c1658d717b@%3Cissues.zookeeper.apache.org%3E -

25 Aug 2021, 23:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r0bfa8f7921abdfae788b1f076a12f73a92c93cc0a6e1083bce0027c5@%3Cnotifications.zookeeper.apache.org%3E -

25 Aug 2021, 16:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/rc5f3df5316c5237b78a3dff5ab95b311ad08e61d418cd992ca7e34ae@%3Cnotifications.zookeeper.apache.org%3E -

25 Aug 2021, 15:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r01b4a1fcdf3311c936ce33d75a9398b6c255f00c1a2f312ac21effe1@%3Cnotifications.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r86528f4b7d222aed7891e7ac03d69a0db2a2dfa17b86ac3470d7f374@%3Cnotifications.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r20416f39ca7f7344e7d76fe4d7063bb1d91ad106926626e7e83fb346@%3Cnotifications.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/red3aea910403d8620c73e1c7b9c9b145798d0469eb3298a7be7891af@%3Cnotifications.zookeeper.apache.org%3E -

16 Aug 2021, 16:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/rd09d4ab3e32e4b3a480e2ff6ff118712981ca82e817f28f2a85652a6@%3Cnotifications.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rca71a10ca533eb9bfac2d590533f02e6fb9064d3b6aa3ec90fdc4f51@%3Cnotifications.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/re41e9967bee064e7369411c28f0f5b2ad28b8334907c9c6208017279@%3Cnotifications.zookeeper.apache.org%3E -

13 Aug 2021, 14:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2021/08/msg00016.html -

12 Aug 2021, 22:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/rc10fa20ef4d13cbf6ebe0b06b5edb95466a1424a9b7673074ed03260@%3Cnotifications.zookeeper.apache.org%3E -

06 Aug 2021, 20:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r477c285126ada5c3b47946bb702cb222ac4e7fd3100c8549bdd6d3b2@%3Cissues.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rfcd2c649c205f12b72dde044f905903460669a220a2eb7e12652d19d@%3Cdev.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r2345b49dbffa8a5c3c589c082fe39228a2c1d14f11b96c523da701db@%3Cnotifications.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r8bfc7235e6b39d90e6f446325a5a44c3e9e50da18860fdabcee23e29@%3Cissues.zookeeper.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r92ea904f4bae190b03bd42a4355ce3c2fbe8f36ab673e03f6ca3f9fa@%3Cnotifications.zookeeper.apache.org%3E -

05 Aug 2021, 11:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/rc2dd3204260e9227a67253ef68b6f1599446005bfa0e1ddce4573a80@%3Cpluto-dev.portals.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r2df50af2641d38f432ef025cd2ba5858215cc0cf3fc10396a674ad2e@%3Cpluto-scm.portals.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rc65f9bc679feffe4589ea0981ee98bc0af9139470f077a91580eeee0@%3Cpluto-dev.portals.apache.org%3E -

14 Jul 2021, 23:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r808be7d93b17a7055c1981a8453ae5f0d0fce5855407793c5d0ffffa@%3Cuser.commons.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rad4ae544747df32ccd58fff5a86cd556640396aeb161aa71dd3d192a@%3Cuser.commons.apache.org%3E -

21 Jun 2021, 23:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r345330b7858304938b7b8029d02537a116d75265a598c98fa333504a@%3Cdev.creadur.apache.org%3E -

17 Jun 2021, 20:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r2721aba31a8562639c4b937150897e24f78f747cdbda8641c0f659fe@%3Cusers.kafka.apache.org%3E -

18 May 2021, 13:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/ra8ef65aedc086d2d3d21492b4c08ae0eb8a3a42cc52e29ba1bc009d8@%3Cdev.creadur.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r523a6ffad58f71c4f3761e3cee72df878e48cdc89ebdce933be1475c@%3Cdev.creadur.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rbebd3e19651baa7a4a5503a9901c95989df9d40602c8e35cb05d3eb5@%3Cdev.creadur.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r2bc986a070457daca457a54fe71ee09d2584c24dc262336ca32b6a19@%3Cdev.creadur.apache.org%3E -

04 May 2021, 13:34

Type	Values Removed	Values Added
References	~~(MLIST) https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E - Mailing List, Third Party Advisory, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E - Mailing List, Third Party Advisory
References	~~(MISC) https://issues.apache.org/jira/browse/IO-556 - Issue Tracking, Vendor Advisory~~	(MISC) https://issues.apache.org/jira/browse/IO-556 - Exploit, Issue Tracking, Vendor Advisory
CPE	cpe:2.3:a:apache:commons_io::::::::	cpe:2.3:a:apache:commons_io:2.3:-:::::: cpe:2.3:a:apache:commons_io:2.6:-:::::: cpe:2.3:a:apache:commons_io:2.5:-:::::: cpe:2.3:a:apache:commons_io:2.2:-:::::: cpe:2.3:a:apache:commons_io:2.4:-::::::

04 May 2021, 09:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r27b1eedda37468256c4bb768fde1e8b79b37ec975cbbfd0d65a7ac34@%3Cdev.myfaces.apache.org%3E -

29 Apr 2021, 11:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r1c2f4683c35696cf6f863e3c107e37ec41305b1930dd40c17260de71@%3Ccommits.pulsar.apache.org%3E -

27 Apr 2021, 14:35

Type	Values Removed	Values Added
References	~~(MLIST) https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E - Mailing List, Vendor Advisory

27 Apr 2021, 10:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/raa053846cae9d497606027816ae87b4e002b2e0eb66cb0dee710e1f5@%3Cdev.creadur.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r47ab6f68cbba8e730f42c4ea752f3a44eb95fb09064070f2476bb401@%3Cdev.creadur.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/r8569a41d565ca880a4dee0e645dad1cd17ab4a92e68055ad9ebb7375@%3Cdev.creadur.apache.org%3E - (MLIST) https://lists.apache.org/thread.html/rfa2f08b7c0caf80ca9f4a18bd875918fdd4e894e2ea47942a4589b9c@%3Cdev.creadur.apache.org%3E -

22 Apr 2021, 13:25

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r0d73e2071d1f1afe1a15da14c5b6feb2cf17e3871168d5a3c8451436@%3Ccommits.pulsar.apache.org%3E - Mailing List, Vendor Advisory (MLIST) https://lists.apache.org/thread.html/r873d5ddafc0a68fd999725e559776dc4971d1ab39c0f5cc81bd9bc04@%3Ccommits.pulsar.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E - Vendor Advisory~~	(MLIST) https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E - Vendor Advisory~~	(MLIST) https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E - Mailing List, Vendor Advisory

19 Apr 2021, 12:40

Type	Values Removed	Values Added
References	~~(MLIST) https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E - Vendor Advisory
References	~~(MLIST) https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E -~~	(MLIST) https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E - Vendor Advisory
References	~~(MISC) https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E -~~	(MISC) https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E - Mailing List, Vendor Advisory
References	~~(MISC) https://issues.apache.org/jira/browse/IO-556 -~~	(MISC) https://issues.apache.org/jira/browse/IO-556 - Issue Tracking, Vendor Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : 5.0 v3 : 5.3
CPE		cpe:2.3:a:apache:commons_io::::::::
CWE		CWE-22

16 Apr 2021, 04:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/r8efcbabde973ea72f5e0933adc48ef1425db5cde850bf641b3993f31@%3Cdev.commons.apache.org%3E -

14 Apr 2021, 08:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.apache.org/thread.html/rfd01af05babc95b8949e6d8ea78d9834699e1b06981040dde419a330@%3Cdev.commons.apache.org%3E -

13 Apr 2021, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2021-04-13 07:15

Updated : 2023-12-10 13:55

NVD link : CVE-2021-29425

Mitre link : CVE-2021-29425

CVE.ORG link : CVE-2021-29425

JSON object : View

Products Affected

oracle

flexcube_core_banking
solaris_cluster
application_testing_suite
communications_diameter_intelligence_hub
access_manager
retail_size_profile_optimization
banking_enterprise_default_managment
health_sciences_information_manager
agile_engineering_data_management
financial_services_analytical_applications_infrastructure
application_performance_management
communications_contacts_server
communications_convergence
banking_digital_experience
communications_policy_management
retail_order_broker
utilities_testing_accelerator
retail_pricing
insurance_policy_administration
communications_cloud_native_core_policy
communications_pricing_design_center
agile_plm
banking_platform
banking_enterprise_default_management
primavera_unifier
financial_services_model_management_and_governance
retail_assortment_planning
rest_data_services
retail_service_backbone
communications_order_and_service_management
communications_billing_and_revenue_management_elastic_charging_engine
banking_apis
enterprise_session_border_controller
communications_converged_application_server_-_service_controller
retail_integration_bus
retail_xstore_point_of_service
commerce_guided_search
communications_interactive_session_recorder
communications_design_studio
communications_cloud_native_core_network_repository_function
retail_merchandising_system
communications_offline_mediation_controller
fusion_middleware_mapviewer
communications_application_session_controller
enterprise_communications_broker
insurance_rules_palette
helidon
real_user_experience_insight
communications_service_broker
healthcare_data_repository
oss_support_tools
weblogic_server
banking_party_management
communications_cloud_native_core_unified_data_repository
blockchain_platform
webcenter_portal
health_sciences_data_management_workbench

apache

commons_io

debian

debian_linux

netapp

active_iq_unified_manager

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-20

Improper Input Validation

4.8 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

5.8 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

JSON object

Attach tags to CVE-2021-29425

4.8^/10

5.8^/10

Attach tags to `CVE-2021-29425`