CVEs Addressed in Okera Versions

The following table lists the CVEs that have been addressed in Okera and the earliest Okera releases in which they were addressed. If a CVE is addressed in one release, it is addressed in all later releases as well.

| CVE Number | Description | Earliest Okera Release |
|---|---|---|
| CVE-2017-7525 | Incomplete Blacklist | 2.11.2 |
| CVE-2017-15095 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2017-17485 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-5968 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-7489 | Incomplete Blacklist | 2.11.2 |
| CVE-2018-11307 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-12022 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-12023 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-14718 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-14719 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-14720 | XML External Entity (XXE) Injection | 2.11.2 |
| CVE-2018-14721 | Server-Side Request Forgery (SSRF) | 2.11.2 |
| CVE-2018-19360 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-19361 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2018-19362 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-12086 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-12384 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-12814 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-14379 | Improperly Controlled Modification of Dynamically-Determined Object Attributes | 2.11.2 |
| CVE-2019-14439 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-14540 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-14892 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-14893 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-16335 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-16942 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-16943 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-17267 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-17531 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2019-20330 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-8840 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-9546 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-9547 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-9548 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-10650 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-10672 | CVE-2020-10672 | 2.11.2 |
| CVE-2020-10673 | CVE-2020-10673 | 2.11.2 |
| CVE-2020-10968 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-10969 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-11111 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-11112 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-11113 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-11619 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-11620 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-14060 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-14061 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-14062 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-14195 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-17523 | Authentication Bypass | 2.10.5 |
| CVE-2020-24616 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-24750 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-25649 | XML External Entity (XXE) Injection | 2.10.5 |
| CVE-2020-28483 | HTTP Response Splitting | 2.10.5 |
| CVE-2020-35490 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-35491 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-35728 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36179 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36180 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36181 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36182 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36183 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36184 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36185 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36186 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36187 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36188 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36189 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2020-36518 | Out-of-bounds Write | 2.10.5 |
| CVE-2021-20190 | Deserialization of Untrusted Data | 2.11.2 |
| CVE-2022-2097 | Inadequate Encryption Strength | 2.10.4 |
| CVE-2022-21434 | Oracle Java SE Vulnerability | 2.10.5 |
| CVE-2022-22576 | Improper Authentication | 2.10.4 |
| CVE-2022-22747 | NSS Issue | 2.10.4 |
| CVE-2022-23437 | XML Injection | 2.10.5 |
| CVE-2022-24765 | Uncontrolled Search Path Element | 2.10.4 |
| CVE-2022-25647 | Deserialization of Untrusted Data | 2.10.5 |
| CVE-2022-27775 | Curl | 2.10.4 |
| CVE-2022-27781 | Loop with Unreachable Exit Condition ('Infinite Loop') | 2.10.4 |
| CVE-2022-27782 | Improper Certificate Validation | 2.10.4 |
| CVE-2022-29155 | Ubuntu USN-5424-1 OpenLDAP Vulnerability | 2.10.5 |
| CVE-2022-29187 | Uncontrolled Search Path Element | 2.10.4 |
| CVE-2022-29361 | HTTP Request Smuggling | 2.10.3 |
| CVE-2022-29458 | Out-of-Bounds Read | 2.10.5 |
| CVE-2022-31197 | SQL Injection | 2.10.5 |
| CVE-2022-32205 | Allocation of Resources Without Limits or Throttling | 2.10.4 |
| CVE-2022-32206 | Allocation of Resources Without Limits or Throttling | 2.10.4 |
| CVE-2022-32207 | Incorrect Default Permissions | 2.10.4 |
| CVE-2022-32208 | Out-of-Bounds Write | 2.10.4 |
| CVE-2022-34169 | Incorrect Conversion between Numeric Types | 2.10.5 |
| CVE-2022-34480 | NSS Issue | 2.10.4 |
| CVE-2022-34903 | Arbitrary Code Injection | 2.10.4 |
| CVE-2022-37434 | Out-of-bounds Write | 2.10.5 |