Communications session report manager
This hub aggregates every CVE we track for Communications session report manager, a product in the communications space. Use it to gauge the current risk picture and drill into individual advisories.
69
CVEs tracked
6
Critical
43
High
2
In CISA KEV
Severity distribution
HIGH43MEDIUM18CRITICAL6LOW2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Communications session report manager.
- CVE-2022-23437Infinite loop within Apache XercesJ xml parser6.5
- CVE-2021-44224Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier8.2
- CVE-2021-44790Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier9.8
- CVE-2021-45105Apache Log4j2 does not always protect from infinite recursion in lookup evaluation5.9
- CVE-2021-2351Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows u...8.3
- CVE-2021-36090Apache Commons Compress 1.0 to 1.20 denial of service vulnerability7.5
- CVE-2021-33037Incorrect Transfer-Encoding handling with HTTP/1.05.3
- CVE-2021-34428For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, if an exception is thrown from the SessionListener#sessionDestroyed() method, then the session ID is not invalidated in the session ID ma...2.9
- CVE-2021-22118In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory...7.8
- CVE-2021-22696OAuth 2 authorization service vulnerable to DDos attacks7.5
- CVE-2021-28165In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.7.5
- CVE-2021-28163In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a s...2.7
- CVE-2021-27906A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file5.5
- CVE-2021-27807A carefully crafted PDF file can trigger an infinite loop while loading the file5.5
- CVE-2020-13947An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the message.jsp page of Apache ActiveMQ versions 5.15.12 through 5.16.0.6.1
Product normalization is registry-driven with AI assist and human review. How it works