Vulnerabilities > Oracle > Retail Open Commerce Platform > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-17 | CVE-2018-3122 | Unspecified vulnerability in Oracle Retail Open Commerce Platform 5.3/6.0/6.0.1 Vulnerability in the Oracle Retail Open Commerce Platform component of Oracle Retail Applications (subcomponent: Integrations). | 6.8 |
| 2018-05-11 | CVE-2018-1257 | Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. | 6.5 |
| 2018-04-06 | CVE-2018-1271 | Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. | 5.9 |