Lucene search
+L

4 matches found

osv
osv
added 2022/05/01 2:31 a.m.42 views

GHSA-RP7R-79RM-2758 Apache Derby exposes user and password attributes

Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...

5CVSS9.2AI score0.02451EPSS
Exploits0References9
github
github
added 2022/05/01 2:31 a.m.34 views

Apache Derby exposes user and password attributes

Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...

5CVSS5.4AI score0.02451EPSS
Exploits0References9Affected Software1
veracode
veracode
added 2018/11/14 3:10 a.m.21 views

Information Disclosure

Apache Derby is vulnerable to information disclosure. A context-dependent attacker is able to retrieve the cleartext user and password attributes are exposed via the RDBNAM parameter of the ACCSEC command and the output of the DatabaseMetaData.getURL function...

5CVSS5.9AI score0.02451EPSS
Exploits0References6Affected Software2
debiancve
debiancve
added 2007/07/05 8:0 p.m.44 views

CVE-2005-4849

Apache Derby before 10.1.2.1 exposes the 1 user and 2 password attributes in cleartext via a the RDBNAM parameter of the ACCSEC command and b the output of the DatabaseMetaData.getURL function, which allows context-dependent attackers to obtain sensitive information...

5CVSS6.4AI score0.02451EPSS
Exploits0
Rows per page
Query Builder