Oracle Retail_order_broker
5 CVEs affecting Oracle Retail_order_broker. Latest disclosed: 2022-05-01. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-25647 | High | 7.7 | 2022-05-01 | The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which… |
CVE-2016-3565 | High | 7.6 | 2016-07-21 | Unspecified vulnerability in the Oracle Retail Order Broker component in Oracle Retail Applications 5.1 and 5.2 allows remote authenticated users to affect con… |
CVE-2021-44832 | Medium | 6.6 | 2021-12-28 | Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12.4) are vulnerable to a remote code execution (RCE) attack when… |
CVE-2017-15707 | Medium | 6.2 | 2017-12-01 | In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious reques… |
CVE-2021-45105 | Medium | 5.9 | 2021-12-18 | Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This a… |