Oracle Retail EFTLink 17.0.2

CPE Details

Oracle Retail EFTLink 17.0.2
oracle
retail_eftlink
17.0.2
2021-12-02
11h07 +00:00
2021-12-03
17h15 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:oracle:retail_eftlink:17.0.2:*:*:*:*:*:*:*

Informations

Vendor

oracle

Product

retail_eftlink

Version

17.0.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-45105 2021-12-18 10h55 +00:00 Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1.
5.9
Medium
CVE-2020-9488 2020-04-27 13h36 +00:00 Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Log4j 2.12.3 and 2.13.1
3.7
Low
CVE-2019-10219 2019-11-08 13h46 +00:00 A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.
6.1
Medium