Insurance policy administration
This hub aggregates every CVE we track for Insurance policy administration, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
32
CVEs tracked
3
Critical
22
High
0
In CISA KEV
Severity distribution
HIGH22MEDIUM7CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Insurance policy administration.
- CVE-2021-2351Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows u...8.3
- CVE-2021-35043OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). This was demonstrated by a javascript: URL with : as the replacement ...6.1
- CVE-2021-36374Apache Ant ZIP, and ZIP based, archive denial of service vulerability5.5
- CVE-2021-36373Apache Ant TAR archive denial of service vulnerability5.5
- CVE-2021-36090Apache Commons Compress 1.0 to 1.20 denial of service vulnerability7.5
- CVE-2021-35517Apache Commons Compress 1.1 to 1.20 denial of service vulnerability7.5
- CVE-2021-35516Apache Commons Compress 1.6 to 1.20 denial of service vulnerability7.5
- CVE-2021-35515Apache Commons Compress 1.6 to 1.20 denial of service vulnerability7.5
- CVE-2021-22118In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory...7.8
- CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8
- CVE-2020-11987Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vul...8.2
- CVE-2021-22112Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once...8.8
- CVE-2020-36179FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36180FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.8.1
- CVE-2020-36182FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.8.1
Product normalization is registry-driven with AI assist and human review. How it works