CVE-2022-42003 in Oracle FLEXCUBE Investor Servicinginfo

Summary

In FasterXML jackson-databind before versions 2.13.4.1 and 2.12.17.1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array nesting, when the UNWRAP_SINGLE_VALUE_ARRAYS feature is enabled.

Reservation

10/02/2022

Disclosure

10/02/2022

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
251127	Oracle FLEXCUBE Investor Servicing Infrastructure Code denial of service	404	Not defined	Official fix	CVE-2022-42003
251122	Oracle Banking Virtual Account Management Common Core denial of service	404	Not defined	Official fix	CVE-2022-42003
251110	Oracle Banking Extensibility Workbench Infrastructure denial of service	404	Not defined	Official fix	CVE-2022-42003
251104	Oracle Banking Corporate Lending Process Management Base denial of service	404	Not defined	Official fix	CVE-2022-42003
251087	Oracle Enterprise Manager for Virtualization Plug-In Lifecycle denial of service	404	Not defined	Official fix	CVE-2022-42003
251082	Oracle Enterprise Manager Base Platform Extensibility denial of service	404	Not defined	Official fix	CVE-2022-42003
251081	Oracle Enterprise Manager Base Platform Agent Next Gen denial of service	404	Not defined	Official fix	CVE-2022-42003
242585	Oracle Banking Deposits and Lines of Credit Servicing UI denial of service	404	Not defined	Official fix	CVE-2022-42003
234960	Oracle Autovue for Agile Product Lifecycle Management Core denial of service	404	Not defined	Official fix	CVE-2022-42003
234948	Oracle Siebel CRM Siebel Core denial of service	404	Not defined	Official fix	CVE-2022-42003
234859	Oracle Business Intelligence Enterprise Edition Visual Analyzer denial of service	404	Not defined	Official fix	CVE-2022-42003
234734	Oracle FLEXCUBE Universal Banking INFRA code denial of service	404	Not defined	Official fix	CVE-2022-42003
234724	Oracle Banking Treasury Management Infra Code denial of service	404	Not defined	Official fix	CVE-2022-42003
234721	Oracle Banking Trade Finance Process Management Dashboard denial of service	404	Not defined	Official fix	CVE-2022-42003
234713	Oracle Banking Trade Finance Infrastructure denial of service	404	Not defined	Official fix	CVE-2022-42003
234711	Oracle Banking Supply Chain Finance Security denial of service	404	Not defined	Official fix	CVE-2022-42003
234701	Oracle Banking Liquidity Management Common denial of service	404	Not defined	Official fix	CVE-2022-42003
234692	Oracle Banking Credit Facilities Process Management Common denial of service	404	Not defined	Official fix	CVE-2022-42003
234679	Oracle Banking Corporate Lending core module denial of service	404	Not defined	Official fix	CVE-2022-42003
234677	Oracle Banking Cash Management Accessibility denial of service	404	Not defined	Official fix	CVE-2022-42003
234631	Oracle Application Testing Suite Load Testing for Web Apps denial of service	404	Not defined	Official fix	CVE-2022-42003
234487	Oracle GoldenGate Stream Analytics denial of service	404	Not defined	Official fix	CVE-2022-42003
226722	Oracle Agile PLM Security denial of service	404	Not defined	Official fix	CVE-2022-42003
226715	Oracle Siebel CRM EAI denial of service	404	Not defined	Official fix	CVE-2022-42003
226706	Oracle Retail Xstore Point of Service Xenvironment denial of service	404	Not defined	Official fix	CVE-2022-42003
226704	Oracle Retail Sales Audit denial of service	404	Not defined	Official fix	CVE-2022-42003
226703	Oracle Retail Merchandising System Foundation denial of service	404	Not defined	Official fix	CVE-2022-42003
226702	Oracle Retail Customer Management and Segmentation Foundation Internal Operations denial of service	404	Not defined	Official fix	CVE-2022-42003
226641	Oracle JD Edwards EnterpriseOne Tools Web Runtime SEC denial of service	404	Not defined	Official fix	CVE-2022-42003
226623	Oracle Documaker Development Tools denial of service	404	Not defined	Official fix	CVE-2022-42003
226609	Oracle Healthcare Translational Research User denial of service	404	Not defined	Official fix	CVE-2022-42003
226579	Oracle Business Intelligence Enterprise Edition Analytics Server denial of service	404	Not defined	Official fix	CVE-2022-42003
226546	Oracle WebCenter Portal Security denial of service	404	Not defined	Official fix	CVE-2022-42003
226538	Oracle Identity Manager Installer denial of service	404	Not defined	Official fix	CVE-2022-42003
226535	Oracle Coherence Core denial of service	404	Not defined	Official fix	CVE-2022-42003
226533	Oracle Business Process Management Suite Installer denial of service	404	Not defined	Official fix	CVE-2022-42003
226478	Oracle Financial Services Enterprise Case Management Application denial of service	404	Not defined	Official fix	CVE-2022-42003
226475	Oracle Financial Services Behavior Detection Platform Application denial of service	404	Not defined	Official fix	CVE-2022-42003
226474	Oracle Financial Services Analytical Applications Infrastructure denial of service	404	Not defined	Official fix	CVE-2022-42003
226466	Oracle Banking Digital Experience UI General denial of service	404	Not defined	Official fix	CVE-2022-42003
226419	Oracle SD-WAN Edge Internal tools denial of service	404	Not defined	Official fix	CVE-2022-42003
226417	Oracle Communications Session Report Manager BEServer denial of service	404	Not defined	Official fix	CVE-2022-42003
226413	Oracle Communications Policy Management Core denial of service	404	Not defined	Official fix	CVE-2022-42003
226410	Oracle Communications Element Manager BEServer denial of service	404	Not defined	Official fix	CVE-2022-42003
226405	Oracle Communications Cloud Native Core Service Communication Proxy Install/Upgrade denial of service	404	Not defined	Official fix	CVE-2022-42003
226337	Oracle Commerce Guided Search Content Acquisition System/Workbench denial of service	404	Not defined	Official fix	CVE-2022-42003
226333	Oracle SQL Developer Infrastructure denial of service	404	Not defined	Official fix	CVE-2022-42003
226330	Oracle NoSQL Database Administration denial of service	404	Not defined	Official fix	CVE-2022-42003
226329	Oracle Graph Server and Client Packaging denial of service	404	Not defined	Official fix	CVE-2022-42003
226328	Oracle GoldenGate denial of service	404	Not defined	Official fix	CVE-2022-42003

32 More entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 32 results.

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Interested in the pricing of exploits?

See the underground prices here!