CNNVD-202601-3157 Information

CNNVD ID

CNNVD-202601-3157

Related CVE

CVE-2026-21931

• CNNVD Published: 2026-01-20

Description (Chinese)

Oracle APEX是美国甲骨文（Oracle）公司的一个低代码开发平台。 Oracle APEX的Oracle APEX Sample Applications 23.2.0版本、23.2.1版本、24.1.0版本、24.2.0版本和24.2.1版本存在安全漏洞，该漏洞源于低权限攻击者可通过HTTP网络访问进行攻击，可能导致未经授权的数据访问。

Description (English)

Oracle APEX is a low-code development platform for Oracle. There are security gaps in Oracle APEX, Oracle APEX Sample Applications, 23.2.0, 23.2.1, 24.1.0, 24.2.0 and 24.2.1, which stem from the fact that low-authorized attackers can attack through the HTTP network and may lead to unauthorized data access.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

甲骨文

Published

2026-01-20

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2026-21931 https://www.oracle.com/security-alerts/cpujan2026.html

Patch

https://www.oracle.com/security-alerts/cpujan2026.html