CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-22029
https://notcve.org/view.php?id=CVE-2023-22029
Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Workbench). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Search. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Commerce Guided Search, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Commerce Guided Search accessible data as well as unauthorized read access to a subset of Oracle Commerce Guided Search accessible data. • https://www.oracle.com/security-alerts/cpuoct2023.html •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21466
https://notcve.org/view.php?id=CVE-2022-21466
Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Search. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Commerce Guided Search accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuapr2022.html •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2022-22946
https://notcve.org/view.php?id=CVE-2022-22946
In spring cloud gateway versions prior to 3.1.1+ , applications that are configured to enable HTTP2 and no key store or trusted certificates are set will be configured to use an insecure TrustManager. This makes the gateway able to connect to remote services with invalid or custom certificates. En spring cloud gateway versiones anteriores a 3.1.1+ , las aplicaciones que son configuradas para habilitar HTTP2 y no es establecido un almacén de claves o certificados confiables son configurados para usar un TrustManager no seguro. Esto hace que la pasarela pueda conectarse a servicios remotos con certificados no válidos o personalizados • https://tanzu.vmware.com/security/cve-2022-22946 https://www.oracle.com/security-alerts/cpujul2022.html • CWE-295: Improper Certificate Validation •
CVSS: 10.0EPSS: 97%CPEs: 16EXPL: 28CVE-2022-22947 – VMware Spring Cloud Gateway Code Injection Vulnerability
https://notcve.org/view.php?id=CVE-2022-22947
In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host. En spring cloud gateway versiones anteriores a 3.1.1+ y a 3.0.7+ , las aplicaciones son vulnerables a un ataque de inyección de código cuando el endpoint del Actuador de la Puerta de Enlace está habilitado, expuesto y sin seguridad. Un atacante remoto podría realizar una petición maliciosamente diseñada que podría permitir una ejecución remota arbitraria en el host remoto Spring Cloud Gateway version 3.1.0 suffers from a remote code execution vulnerability. Spring Cloud Gateway applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. • https://www.exploit-db.com/exploits/50799 https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947 https://github.com/0x7eTeam/CVE-2022-22947 https://github.com/tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway https://github.com/crowsec-edtech/CVE-2022-22947 https://github.com/0730Nophone/CVE-2022-22947- https://github.com/Wrin9/CVE-2022-22947 https://github.com/M0ge/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE https://github.com/nanaao/CVE-2022-22947-POC https:// • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-917: Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') •
CVSS: 7.5EPSS: 1%CPEs: 17EXPL: 2CVE-2021-43859 – Denial of Service by injecting highly recursive collections or maps in XStream
https://notcve.org/view.php?id=CVE-2021-43859
XStream is an open source java library to serialize objects to XML and back again. Versions prior to 1.4.19 may allow a remote attacker to allocate 100% CPU time on the target system depending on CPU type or parallel execution of such a payload resulting in a denial of service only by manipulating the processed input stream. XStream 1.4.19 monitors and accumulates the time it takes to add elements to collections and throws an exception if a set threshold is exceeded. Users are advised to upgrade as soon as possible. Users unable to upgrade may set the NO_REFERENCE mode to prevent recursion. • http://www.openwall.com/lists/oss-security/2022/02/09/1 https://github.com/x-stream/xstream/commit/e8e88621ba1c85ac3b8620337dd672e0c0c3a846 https://github.com/x-stream/xstream/security/advisories/GHSA-rmr5-cpv2-vgjf https://lists.debian.org/debian-lts-announce/2022/02/msg00018.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VACQYG356OHUTD5WQGAQ4L2TTFTAV3SJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XODFRE2ZL64FICBJDOPWOLPTSSAI4U7X& • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •