Oracle Big Data Spatial and Graph Big Data Graph denial of service

A vulnerability was found in Oracle Big Data Spatial and Graph (Big Data Software) (version unknown). It has been classified as critical. Affected is an unknown functionality of the component Big Data Graph. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field07/20/2022 08:15 AM08/06/2022 03:50 PM08/06/2022 03:55 PM
vendorOracleOracleOracle
nameBig Data Spatial and GraphBig Data Spatial and GraphBig Data Spatial and Graph
cveCVE-2020-36518CVE-2020-36518CVE-2020-36518
componentBig Data GraphBig Data GraphBig Data Graph
risk222
cwe404 (denial of service)404 (denial of service)404 (denial of service)
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aHHH
cvss3_vuldb_rcCCC
cvss3_vuldb_rlOOO
urlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.htmlhttps://www.oracle.com/security-alerts/cpujul2022.html
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
identifierOracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022Oracle Critical Patch Update Advisory - July 2022
date1658181600 (07/19/2022)1658181600 (07/19/2022)1658181600 (07/19/2022)
nameUpgradeUpgradeUpgrade
cvss3_meta_basescore7.57.57.5
cvss3_meta_tempscore7.27.27.3
price_0day$5k-$25k$5k-$25k$5k-$25k
typeBig Data SoftwareBig Data SoftwareBig Data Software
cvss2_vuldb_avNNN
cvss2_vuldb_acLLL
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiCCC
cvss2_vuldb_rcCCC
cvss2_vuldb_rlOFOFOF
cvss2_vuldb_eNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore7.87.87.8
cvss2_vuldb_tempscore6.86.86.8
cvss3_vuldb_basescore7.57.57.5
cvss3_vuldb_tempscore7.27.27.2
cve_assigned1646953200 (03/11/2022)1646953200 (03/11/2022)
cve_nvd_summaryjackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prN
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cN
cvss3_nvd_iN
cvss3_nvd_aH
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciN
cvss2_nvd_iiN
cvss2_nvd_aiP
cvss2_nvd_basescore5.0
cvss3_nvd_basescore7.5

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!