📦 Communications Cloud Native Core Security Edge Protection Proxy
by Oracle
🔍 What is Communications Cloud Native Core Security Edge Protection Proxy?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This vulnerability allows remote attackers to execute arbitrary code on systems running vulnerable versions of Spring Cloud Function. Attackers can craft malicious SpEL expressions in routing function...
CVE-2022-22947 is a critical remote code execution vulnerability in Spring Cloud Gateway when the Actuator endpoint is enabled and exposed without proper security controls. Attackers can send speciall...
CVE-2020-36518 is a denial-of-service vulnerability in Jackson Databind where processing deeply nested JSON objects causes a Java StackOverflowError, crashing the application. This affects any Java ap...
CVE-2022-24407 is a SQL injection vulnerability in Cyrus SASL authentication library. It allows attackers to inject arbitrary SQL commands via unescaped passwords in SQL INSERT/UPDATE statements. Syst...
CVE-2021-37136 is a denial-of-service vulnerability in Netty's Bzip2Decoder that allows attackers to trigger out-of-memory errors by sending specially crafted Bzip2 compressed data. The vulnerability ...
This OpenSSL vulnerability allows attackers to cause buffer overruns when applications directly construct ASN.1 strings without proper NUL termination. Exploitation can lead to denial of service or me...
This vulnerability allows a locally authenticated malicious user to escalate privileges in Spring Framework WebFlux applications by manipulating temporary storage directories. Attackers can read or mo...
This vulnerability in Apache Tomcat allows HTTP/2 cleartext (h2c) connections to leak request data between users. When processing h2c requests, Tomcat could duplicate headers and limited body content ...