Latest oracle hyperion data relationship management Vulnerabilities

● CVE-2022-23307

A deserialization flaw was found in Apache log4j 1.2.x. While reading serialized log events, they are improperly deserialized. Note this is the same as <a href="https://access.redhat.com/security/cve...

redhat/log4j<0:1.2.14-6.6.el6_10

redhat/log4j<0:1.2.17-18.el7_4

redhat/log4j<0:1.2.17-17.el7_3

redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6

redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6

redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6

and 193 more

● CVE-2022-23305

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely...

redhat/log4j<0:1.2.14-6.6.el6_10

redhat/log4j<0:1.2.17-18.el7_4

redhat/log4j<0:1.2.17-17.el7_3

redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6

redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6

redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6

and 196 more

● CVE-2022-23302

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service...

redhat/log4j<0:1.2.14-6.6.el6_10

redhat/log4j<0:1.2.17-18.el7_4

redhat/log4j<0:1.2.17-17.el7_3

redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6

redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6

redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6

and 194 more

● CVE-2021-45105

Apache Log4j StrSubstitutor Uncontrolled Recursion Denial-of-Service Vulnerability

redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el8ea

redhat/eap7-log4j<0:2.17.1-1.redhat_00001.1.el7ea

redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el7

redhat/rh-sso7-keycloak<0:15.0.6-1.redhat_00001.1.el8

debian/apache-log4j2

debian/apache-log4j2<=2.16.0-1~deb10u1<=2.16.0-1<=2.16.0-1~deb11u1

and 217 more

● CVE-2021-4104

Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2

redhat/log4j<0:1.2.14-6.5.el6_10

redhat/log4j<0:1.2.17-17.el7_4

redhat/log4j<0:1.2.17-16.el7_3

redhat/log4j-eap6<0:1.2.17-3.redhat_00008.1.ep6.el6

redhat/log4j-jboss-logmanager<0:1.1.4-3.Final_redhat_00002.1.ep6.el6

redhat/jboss-as-appclient<0:7.5.24-2.Final_redhat_00001.1.ep6.el6

and 219 more

● CVE-2020-7760

Node.js codemirror module is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By using sub-pattern (s|/*.*?*/)*, a remote attacker could exploit this v...

debian/codemirror-js

Codemirror Codemirror<5.58.2

Oracle Application Express<20.2

Oracle Enterprise Manager Express User Interface=19c

Oracle Essbase=21.2

Oracle Hyperion Data Relationship Management<11.2.9.0

and 4 more

● CVE-2019-2927

Vulnerability in the Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnera...

Oracle Hyperion Data Relationship Management=11.1.2.4

● CVE-2018-3208

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security). The supported version that is affected is 11.1.2.4.345. Easily exploitable ...

Oracle Hyperion Data Relationship Management=11.1.2.4.345

● CVE-2018-2915

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). The supported version that is affected is 11.1.2.4.330. Easily exploitable ...

Oracle Hyperion Data Relationship Management=11.1.2.4.330

Latest oracle hyperion data relationship management Vulnerabilities

Company

Resources

Contact