Filtered by vendor Oracle
Subscribe
Filtered by product Financial Services Crime And Compliance Management Studio
Subscribe
Total
22 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-23337 | 4 Lodash, Netapp, Oracle and 1 more | 23 Lodash, Active Iq Unified Manager, Cloud Manager and 20 more | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function. | |||||
CVE-2020-7712 | 2 Joyent, Oracle | 5 Json, Commerce Guided Search, Financial Services Crime And Compliance Management Studio and 2 more | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. |