4 matches found
Security Bulletin: Due to use of Apache Jena SDB, IBM Jazz Reporting Service is affected by a JDBC Deserialisation attack.
Summary Apache Jena SDB is used internally by IBM Jazz Reporting Service CVE-2022-45136. Vulnerability Details CVEID:CVE-2022-45136 DESCRIPTION: Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the...
CVE-2022-45136
CVE-2022-45136 affects Apache Jena SDB 3.17.0 and earlier. The vulnerability is a JDBC Deserialisation flaw that can lead to remote code execution when an attacker controls the JDBC URL or causes the database to return malicious data; the MySQL JDBC driver is specifically implicated. Jena SDB has...
CVE-2022-45136 Apache Jena SDB allows arbitrary deserialisation via JDBC
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...
CVE-2022-45136 Apache Jena SDB allows arbitrary deserialisation via JDBC
Apache Jena SDB 3.17.0 and earlier is vulnerable to a JDBC Deserialisation attack if the attacker is able to control the JDBC URL used or cause the underlying database server to return malicious data. The mySQL JDBC driver in particular is known to be vulnerable to this class of attack. As a resu...