Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.11 views

Unity Linux 20.1070e Security Update: hibernate3 (UTSA-2026-016759)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016759 advisory. A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit...

6.5CVSS5.8AI score0.02126EPSS
Exploits0References4
OSV
OSV
added 2021/04/07 11:2 a.m.0 views

OESA-2021-1137 hibernate4 security update

Hibernate is a powerful, ultra-high performance object/relational persistence and query service for Java. Hibernate lets you develop persistent objects following common Java idiom - including association, inheritance, polymorphism, composition and the Java collections framework. Extremely...

6.5CVSS7.6AI score0.02126EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2020/12/16 7:20 a.m.9 views

hibernate-core: SQL injection vulnerability when both hibernate.use_sql_comments and JPQL String literals are used

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized...

7.4CVSS7.2AI score0.02907EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/07 12:57 p.m.4 views

hibernate: SQL injection issue in Hibernate ORM

A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further...

6.5CVSS5.9AI score0.02126EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/08/17 1:28 p.m.3 views

hibernate: SQL injection issue in Hibernate ORM

A flaw was found in Hibernate ORM. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further...

6.5CVSS5.9AI score0.02126EPSS
Exploits0References4
Rows per page
Query Builder