jdedwards 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
一般的な弱点パターンには vendor risk memory corruption and vendor risk denial of service があり、vendor surface production workloads and vendor surface software deployment の利用場面で vendor impact memory corruption and アプリケーションクラッシュ などのリスクが生じる可能性があります。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2020-1967 | Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by a malicious peer in a Denial of Service attack. OpenSSL version 1.1.1d, 1.1.1e, and 1.1.1f are affected by this issue. This issue did not affect | [email protected] | 7.5 | 60.77% | 2020-04-21 | 2024-11-21 |
| CVE-2008-5455 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | [email protected] | 4.9 | 0.25% | 2009-01-14 | 2026-04-23 |
| CVE-2008-5452 | Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | [email protected] | 5.5 | 0.25% | 2009-01-14 | 2026-04-23 |
| CVE-2008-5451 | Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.5 allows remote authenticated users to affect confidentiality via unknown vectors. | [email protected] | 4.0 | 0.25% | 2009-01-14 | 2026-04-23 |
| CVE-2008-4004 | Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors. | [email protected] | 3.2 | 0.20% | 2008-10-14 | 2026-04-23 |
| CVE-2008-4000 | Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue allows bypass of the lockout mechanism using brute force guessing of credentials and a response discrepancy information leak when | [email protected] | 6.4 | 1.06% | 2008-10-14 | 2026-04-23 |
| CVE-2008-1830 | Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 and 9.0 has unknown impact and remote attack vectors, aka PSE03. | [email protected] | 9.0 | 1.41% | 2008-04-16 | 2026-04-23 |
| CVE-2008-1828 | Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.19, 8.48.16, and 8.49.09 has unknown impact and remote authenticated attack vectors, aka PSE01. | [email protected] | 9.0 | 3.22% | 2008-04-16 | 2026-04-23 |
| CVE-2006-1884 | Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. | [email protected] | 10.0 | 1.32% | 2006-04-20 | 2026-04-16 |
| CVE-2005-3465 | Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JDE01. | [email protected] | 10.0 | 4.24% | 2005-11-02 | 2026-04-16 |