Retail Integration Bus@13.0 Security Vulnerabilities and Issues — Retail Integration Bus@13.0 CVE List

Lucene search

OracleRetail Integration Bus13.0

4 matches found

CVE•added 2021/04/13 7:15 a.m.•516 views

CVE-2021-29425

In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but not further above (thus "limited" path traversal),...

5.8CVSS6.7AI score0.00357EPSS

CVE•added 2019/11/08 3:15 p.m.•230 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01915EPSS

CVE•added 2016/07/21 10:15 a.m.•35 views

CVE-2016-5476

Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install.

7.6CVSS6.8AI score0.00778EPSS

CVE•added 2016/07/21 10:12 a.m.•33 views

CVE-2016-3444

Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install.

10CVSS8.4AI score0.0338EPSS