Apache Submarine Server Core has a SQL Injection Vulnerability

2024-06-1215:31:45

Google

osv.dev

apache submarine server

sql injection

vulnerability

retired

unsupported

security issue

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Apache Submarine Server Core.

This issue affects Apache Submarine Server Core: all versions.

As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CPENameOperatorVersion
org.apache.submarine:submarine-server-coreeq0.8.0
org.apache.submarine:submarine-server-coreeq0.8.0-RC0
org.apache.submarine:submarine-server-coreeq0.6.0
org.apache.submarine:submarine-server-coreeq0.4.0
org.apache.submarine:submarine-server-coreeq0.7.0

Name	Operator	Version
org.apache.submarine:submarine-server-core	eq	0.8.0
org.apache.submarine:submarine-server-core	eq	0.8.0-RC0
org.apache.submarine:submarine-server-core	eq	0.6.0
org.apache.submarine:submarine-server-core	eq	0.4.0
org.apache.submarine:submarine-server-core	eq	0.7.0