Banking platform

This hub aggregates every CVE we track for Banking platform, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Banking platform.

• CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9Dec 18, 2021
• CVE-2021-43797HTTP fails to validate against control chars in header names which may lead to HTTP request smuggling6.5Dec 9, 2021
• CVE-2021-41184XSS in the `of` option of the `.position()` util6.5Oct 26, 2021
• CVE-2021-41183XSS in `*Text` options of the Datepicker widget6.5Oct 26, 2021
• CVE-2021-41182XSS in the `altField` option of the Datepicker widget6.5Oct 26, 2021
• CVE-2021-2351Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows u...8.3Jul 20, 2021
• CVE-2021-35043OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with &#00058 as the replacement ...6.1Jul 19, 2021
• CVE-2021-36090Apache Commons Compress 1.0 to 1.20 denial of service vulnerability7.5Jul 13, 2021
• CVE-2020-6950Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via the loc parameter or con parameter.6.5Jun 2, 2021
• CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8Apr 13, 2021
• CVE-2021-21348XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos)5.3Mar 22, 2021
• CVE-2021-21349A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host6.1Mar 22, 2021
• CVE-2021-21350XStream is vulnerable to an Arbitrary Code Execution attack5.3Mar 22, 2021
• CVE-2021-21351XStream is vulnerable to an Arbitrary Code Execution attack5.4Mar 22, 2021
• CVE-2021-21341XStream can cause a Denial of Service7.5Mar 22, 2021