Oracle Hyperion_financial_reporting
13 CVEs affecting Oracle Hyperion_financial_reporting. Latest disclosed: 2025-07-15. Critical: 2, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2019-0228 | Critical | 9.8 | 2019-04-17 | Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a c… |
| CVE-2016-3493 | Critical | 9.8 | 2016-07-21 | Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrit… |
| CVE-2018-2907 | High | 8.6 | 2018-07-18 | Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). The supported version that is affected is 11.1… |
| CVE-2019-17566 | High | 7.5 | 2020-11-12 | Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted arg… |
| CVE-2017-10310 | High | 7.5 | 2017-10-19 | Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). The supported version that is affected i… |
| CVE-2020-11023 | Medium | 6.9 | 2020-04-29 | In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it… |
| CVE-2017-10358 | Medium | 6.4 | 2017-10-19 | Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Workspace). The supported version that is affected is 11.1… |
| CVE-2021-35665 | Medium | 6.1 | 2021-10-20 | Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.6.0. Easil… |
| CVE-2021-27906 | Medium | 5.5 | 2021-03-19 | A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versi… |
| CVE-2021-27807 | Medium | 5.5 | 2021-03-19 | A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions. |
| CVE-2025-50108 | Medium | 5.4 | 2025-07-15 | Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Workspace). The supported version that is affected is 11.2.20… |
| CVE-2019-2959 | Medium | 4.2 | 2019-10-16 | Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). The supported version that is affected is 11.1.2.4… |
| CVE-2020-2769 | Low | 2.4 | 2020-04-15 | Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). The supported version that is affected is… |