Known Vulnerabilities for Retail Back Office by Oracle
Listed below are 10 of the newest known vulnerabilities associated with "Retail Back Office" by "Oracle".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-45105 json | Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion fro... | 5.9 - MEDIUM | 2021-12-18 | 2022-10-06 |
| CVE-2021-36374 json | When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts... | 5.5 - MEDIUM | 2021-07-14 | 2023-11-07 |
| CVE-2021-36373 json | When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally... | 5.5 - MEDIUM | 2021-07-14 | 2023-11-07 |
| CVE-2021-35043 json | OWASP AntiSamy before 1.6.4 allows XSS via HTML attributes when using the HTML output serializer (XHTML is not affected). Thi... | 6.1 - MEDIUM | 2021-07-19 | 2022-10-29 |
| CVE-2021-2351 json | Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are... | 8.3 - HIGH | 2021-07-21 | 2023-10-23 |
| CVE-2020-11987 json | Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. B... | 8.2 - HIGH | 2021-02-24 | 2024-02-01 |
| CVE-2020-5398 json | In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an ap... | 7.5 - HIGH | 2020-01-17 | 2023-11-07 |
| CVE-2020-5397 json | Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Sp... | 5.3 - MEDIUM | 2020-01-17 | 2022-07-25 |
| CVE-2020-1945 json | Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property jav... | 6.3 - MEDIUM | 2020-05-14 | 2023-11-07 |
| CVE-2019-13990 json | initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracotta Quartz Scheduler through 2.3.0 allows XXE attacks via... | 9.8 - CRITICAL | 2019-07-26 | 2023-12-22 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Retail Back Office | 14.1.3.1 | |||
| Application | Oracle | Retail Back Office | 14.1.3 | |||
| Application | Oracle | Retail Back Office | 14.1.2 | |||
| Application | Oracle | Retail Back Office | 14.1.1 | |||
| Application | Oracle | Retail Back Office | 14.1 | |||
| Application | Oracle | Retail Back Office | 14.0.4.1 | |||
| Application | Oracle | Retail Back Office | 14.0.4 | |||
| Application | Oracle | Retail Back Office | 14.0.3 | |||
| Application | Oracle | Retail Back Office | 14.0.2 | |||
| Application | Oracle | Retail Back Office | 14.0.1.1 | |||
| Application | Oracle | Retail Back Office | 14.0.1 | |||
| Application | Oracle | Retail Back Office | 14.0 | |||
| Application | Oracle | Retail Back Office | 13.4.9.1 | |||
| Application | Oracle | Retail Back Office | 13.4.9 | |||
| Application | Oracle | Retail Back Office | 13.4.8 | |||
| Application | Oracle | Retail Back Office | 13.4.7 | |||
| Application | Oracle | Retail Back Office | 13.4.6 | |||
| Application | Oracle | Retail Back Office | 13.4.5 | |||
| Application | Oracle | Retail Back Office | 13.4.1 | |||
| Application | Oracle | Retail Back Office | 13.4 |