CVE-2021-2069
https://notcve.org/view.php?id=CVE-2021-2069
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). • https://www.oracle.com/security-alerts/cpujan2021.html •
CVE-2021-2068
https://notcve.org/view.php?id=CVE-2021-2068
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). • https://www.oracle.com/security-alerts/cpujan2021.html •
CVE-2021-2067
https://notcve.org/view.php?id=CVE-2021-2067
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). • https://www.oracle.com/security-alerts/cpujan2021.html •
CVE-2021-2066
https://notcve.org/view.php?id=CVE-2021-2066
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). • https://www.oracle.com/security-alerts/cpujan2021.html •
CVE-2020-15389 – openjpeg: use-after-free and double-free via a mix of valid and invalid files in a directory operated on by the decompressor
https://notcve.org/view.php?id=CVE-2020-15389
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. El archivo jp2/opj_decompress.c en OpenJPEG versiones hasta 2.3.1 presenta un uso de la memoria previamente liberada que puede ser desencadenada si existe una combinación de archivos válidos y no válidos en un directorio operado por el descompresor. Desencadenar una doble liberación también puede ser posible. • https://github.com/uclouvain/openjpeg/issues/1261 https://lists.debian.org/debian-lts-announce/2020/07/msg00008.html https://pastebin.com/4sDKQ7U8 https://security.gentoo.org/glsa/202101-29 https://www.debian.org/security/2021/dsa-4882 https://www.oracle.com//security-alerts/cpujul2021.html https://www.oracle.com/security-alerts/cpuoct2020.html https://access.redhat.com/security/cve/CVE-2020-15389 https://bugzilla.redhat.com/show_bug.cgi?id=1852869 • CWE-416: Use After Free •