Oracle Hyperion Financial Reporting 11.1.2.4

CPE Details

Oracle Hyperion Financial Reporting 11.1.2.4
oracle
hyperion_financial_reporting
11.1.2.4
2019-05-30
16h37 +00:00
2019-05-30
16h37 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:hyperion_financial_reporting:11.1.2.4:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

hyperion_financial_reporting

Version

11.1.2.4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-27906 2021-03-19 16h05 +00:00 A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
5.5
Medium
CVE-2021-27807 2021-03-19 16h05 +00:00 A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.
5.5
Medium
CVE-2019-17566 2020-11-11 23h00 +00:00 Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
7.5
High
CVE-2020-11023 2020-04-29 00h00 +00:00 In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing
6.9
Medium
CVE-2020-2769 2020-04-15 11h29 +00:00 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hyperion Financial Reporting accessible data. CVSS 3.0 Base Score 2.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).
2.4
Low
CVE-2019-2959 2019-10-16 15h40 +00:00 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Hyperion Financial Reporting accessible data. CVSS 3.0 Base Score 4.2 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N).
4.2
Medium
CVE-2019-0228 2019-04-17 12h07 +00:00 Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.
9.8
Critical
CVE-2016-3493 2016-07-21 08h00 +00:00 Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Security Models.
9.8
Critical