GCVE - cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:*

part: a version: 12.2 update: *

Vendor	Oracle (`3509f9eb-d8a0-57da-b153-b8021021b133`)
Product	E Business Suite (`6e274b81-bba3-5a1d-8609-c6b0ad13995c`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-21500`	vulnerable	2026-06-03 14:46:13.022382	Details available HIGH (7.5) Vulnerability in Oracle E-Business Suite (component: Manage Proxies). The supported version that is affected is 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle E-Business Suite accessible data. Note: Authentication is required for successful attack, however the user may be self-registered. <br> <br>Oracle E-Business Suite 12.1 is not impacted by this vulnerability. Customers should refer to the Patch Availability Document for details. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). Published: 2022-05-19T23:55:08.000Z Updated: 2024-09-24T20:05:17.216Z Open on db.gcve.eu Reference links https://www.oracle.com/security-alerts/alert-cve-2022-21500.html https://www.oracle.com/security-alerts/cpujul2022.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2021-45105`	vulnerable	2026-06-03 14:45:37.810585	Apache Log4j2 does not always protect from infinite recursion in lookup evaluation Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. Published: 2021-12-18T11:55:08.000Z Updated: 2026-05-29T11:45:26.064Z Open on db.gcve.eu Reference links https://logging.apache.org/log4j/2.x/security.html https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 https://www.kb.cert.org/vuls/id/930724 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd http://www.openwall.com/lists/oss-security/2021/12/19/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-0457`	vulnerable	2026-06-03 14:35:21.350560	db.gcve.eu returned HTTP 503. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-0456`	vulnerable	2026-06-03 14:35:21.350241	db.gcve.eu returned HTTP 503. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2016-0454`	vulnerable	2026-06-03 14:35:21.349447	db.gcve.eu returned HTTP 503. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2015-4926`	vulnerable	2026-06-03 14:34:57.707383	db.gcve.eu returned HTTP 503. Open on db.gcve.eu	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.