Vulnerabilities > Oracle > Financial Services Data Integration HUB > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-17530 Expression Language Injection vulnerability in multiple products
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
network
low complexity
apache oracle CWE-917
critical
9.8
2020-09-14 CVE-2019-0230 Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
network
low complexity
apache oracle
critical
9.8