Communications policy management
This hub aggregates every CVE we track for Communications policy management, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
- CVEs tracked: 50
- Critical: 5
- High: 21
- In CISA KEV: 3
Severity distribution
MEDIUM 23, HIGH 21, CRITICAL 5, LOW 1
Monthly trend (2024-07 to 2026-06)
Latest CVEs
The 15 most recently published vulnerabilities affecting Communications policy management.
- CVE-2022-22965: A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a W... (KEV, score 9.8)
- CVE-2021-43859: Denial of Service by injecting highly recursive collections or maps in XStream (score 7.5)
- CVE-2021-23450: Prototype Pollution (score 7.5)
- CVE-2021-43527: NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signa... (score 9.8)
- CVE-2021-33037: Incorrect Transfer-Encoding handling with HTTP/1.0 (score 5.3)
- CVE-2021-29425: Possible limited path traversal vulnerability in Apache Commons IO (score 4.8)
- CVE-2021-21348: XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDoS) (score 5.3)
- CVE-2021-21349: A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host (score 6.1)
- CVE-2021-21350: XStream is vulnerable to an Arbitrary Code Execution attack (score 5.3)
- CVE-2021-21351: XStream is vulnerable to an Arbitrary Code Execution attack (score 5.4)
- CVE-2021-21342: A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host (score 5.3)
- CVE-2021-21343: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights (score 5.3)
- CVE-2021-21344: XStream is vulnerable to an Arbitrary Code Execution attack (score 5.3)
- CVE-2021-21345: XStream is vulnerable to a Remote Command Execution attack (score 5.8)
- CVE-2021-21346: XStream is vulnerable to an Arbitrary Code Execution attack (score 6.1)
Product normalization is registry-driven with AI assist and human review.