Oracle - Hospitality Simphony CVE

Filtered by vendor Oracle Subscribe

Filtered by product Hospitality Simphony

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-1285	3 Apache, Fedoraproject, Oracle	5 Log4net, Fedora, Application Testing Suite and 2 more	2022-06-07	7.5 HIGH	9.8 CRITICAL
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.

Vulnerabilities (CVE)