Banking apis
This hub aggregates every CVE we track for Banking apis, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.
14
CVEs tracked
1
Critical
9
High
0
In CISA KEV
Severity distribution
HIGH9MEDIUM3LOW1CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 14 most recently published vulnerabilities affecting Banking apis.
- CVE-2021-41165HTML comments vulnerability allowing to execute JavaScript code8.2
- CVE-2021-41164Advanced Content Filter (ACF) vulnerability allowing to execute JavaScript code using malformed HTML8.2
- CVE-2021-37136The Bzip2 decompression decoder function doesn't allow setting size restrictions on the decompressed output data (which affects the allocation size used during decompression). All users of Bzip2Dec...7.5
- CVE-2021-37137The Snappy frame decoder function doesn't restrict the chunk length which may lead to excessive memory usage. Beside this it also may buffer reserved skippable chunks until the whole chunk was rece...7.5
- CVE-2021-2351Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows u...8.3
- CVE-2021-36090Apache Commons Compress 1.0 to 1.20 denial of service vulnerability7.5
- CVE-2021-35517Apache Commons Compress 1.1 to 1.20 denial of service vulnerability7.5
- CVE-2021-29425Possible limited path traversal vulnerabily in Apache Commons IO4.8
- CVE-2021-28164In Eclipse Jetty 9.4.37.v20210219 to 9.4.38.v20210224, the default compliance mode allows requests with URIs that contain %2e or %2e%2e segments to access protected resources within the WEB-INF dir...5.3
- CVE-2021-28163In Eclipse Jetty 9.4.32 to 9.4.38, 10.0.0.beta2 to 10.0.1, and 11.0.0.beta2 to 11.0.1, if a user uses a webapps directory that is a symlink, the contents of the webapps directory is deployed as a s...2.7
- CVE-2020-11987Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vul...8.2
- CVE-2020-25649A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from...7.5
- CVE-2019-10219A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. T...6.1
- CVE-2019-17495A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfilt...9.8
Product normalization is registry-driven with AI assist and human review. How it works