Banking credit facilities process management
This hub aggregates every CVE we track for Banking credit facilities process management, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
27
CVEs tracked
3
Critical
18
High
1
In CISA KEV
Severity distribution
HIGH18MEDIUM6CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Banking credit facilities process management.
- CVE-2022-22963In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression...KEV9.8
- CVE-2021-31811A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading a tiny file5.5
- CVE-2021-31812A carefully crafted PDF file can trigger an infinite loop while loading the file5.5
- CVE-2021-29505XStream is vulnerable to a Remote Command Execution attack7.5
- CVE-2021-21409Possible request smuggling in HTTP/2 due missing validation of content-length5.9
- CVE-2021-27906A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file5.5
- CVE-2021-23337Command Injection7.2
- CVE-2020-28500Regular Expression Denial of Service (ReDoS)5.3
- CVE-2021-21290Local Information Disclosure Vulnerability in Netty on Unix-Like systems due temporary files6.2
- CVE-2020-36179FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36180FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36182FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36183FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool.8.1
- CVE-2020-36184FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.8.1
- CVE-2020-36185FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource.8.1
Product normalization is registry-driven with AI assist and human review. How it works