Known Vulnerabilities for Retail Integration Bus by Oracle

Listed below are 10 of the newest known vulnerabilities associated with "Retail Integration Bus" by "Oracle".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2022-23437	There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document paylo...	6.5 - MEDIUM	2022-01-24	2023-08-08
CVE-2022-22965	A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data bindin...	9.8 - CRITICAL	2022-04-01	2023-02-09
CVE-2021-40690	All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secur...	7.5 - HIGH	2021-09-19	2023-11-07
CVE-2021-36374	When reading a specially crafted ZIP archive, or a derived formats, an Apache Ant build can be made to allocate large amounts...	5.5 - MEDIUM	2021-07-14	2023-11-07
CVE-2021-36373	When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally...	5.5 - MEDIUM	2021-07-14	2023-11-07
CVE-2021-29425	In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../f...	4.8 - MEDIUM	2021-04-13	2023-11-07
CVE-2021-22118	In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to...	7.8 - HIGH	2021-05-27	2022-10-25
CVE-2021-2351	Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are...	8.3 - HIGH	2021-07-21	2023-10-23
CVE-2020-5397	Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Sp...	5.3 - MEDIUM	2020-01-17	2022-07-25
CVE-2020-1945	Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property jav...	6.3 - MEDIUM	2020-05-14	2023-11-07

Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Oracle	Retail Integration Bus	16.0.2	All	All	All
Application	Oracle	Retail Integration Bus	16.0.1	All	All	All
Application	Oracle	Retail Integration Bus	16.0	All	All	All
Application	Oracle	Retail Integration Bus	15.0.2	All	All	All
Application	Oracle	Retail Integration Bus	15.0.1	All	All	All
Application	Oracle	Retail Integration Bus	15.0.0.1	All	All	All
Application	Oracle	Retail Integration Bus	15.0	All	All	All
Application	Oracle	Retail Integration Bus	14.1.3	All	All	All
Application	Oracle	Retail Integration Bus	14.1.2	All	All	All
Application	Oracle	Retail Integration Bus	14.1.1	All	All	All
Application	Oracle	Retail Integration Bus	14.1.0	All	All	All
Application	Oracle	Retail Integration Bus	14.1	All	All	All
Application	Oracle	Retail Integration Bus	14.0.4	All	All	All
Application	Oracle	Retail Integration Bus	14.0.3	All	All	All
Application	Oracle	Retail Integration Bus	14.0.2	All	All	All
Application	Oracle	Retail Integration Bus	14.0.1	All	All	All
Application	Oracle	Retail Integration Bus	14.0.0	All	All	All
Application	Oracle	Retail Integration Bus	14.0	All	All	All
Application	Oracle	Retail Integration Bus	13.2	All	All	All
Application	Oracle	Retail Integration Bus	13.1	All	All	All

Results limited to 20 most recent known configurations