Retail Advanced Inventory Planning Security Vulnerabilities and Issues — Retail Advanced Inventory Planning CVE List

Lucene search

OracleRetail Advanced Inventory Planning

3 matches found

CVE•added 2020/04/27 4:15 p.m.•421 views

CVE-2020-9488

Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1

4.3CVSS6AI score0.00022EPSS

CVE•added 2020/05/14 4:15 p.m.•411 views

CVE-2020-1945

Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tr...

6.3CVSS6.8AI score0.00021EPSS

CVE•added 2020/10/01 8:15 p.m.•277 views

CVE-2020-11979

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effor...

7.5CVSS6.9AI score0.00591EPSS