Vulnerabilities > Oracle > Hyperion Data Relationship Management > High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-18	CVE-2022-23302	Deserialization of Untrusted Data vulnerability in multiple products JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP service the attacker has access to. network low complexity apache netapp broadcom qos oracle CWE-502	8.8
2022-01-18	CVE-2022-23307	Deserialization of Untrusted Data vulnerability in multiple products CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. network low complexity apache qos oracle CWE-502	8.8
2021-12-14	CVE-2021-4104	Deserialization of Untrusted Data vulnerability in multiple products JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. network high complexity apache fedoraproject redhat oracle CWE-502	7.5
2020-10-30	CVE-2020-7760	Resource Exhaustion vulnerability in multiple products This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. network low complexity codemirror oracle CWE-400	7.5
2018-10-17	CVE-2018-3208	Unspecified vulnerability in Oracle Hyperion Data Relationship Management 11.1.2.4.345 Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security). network low complexity oracle	7.7

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.