7 matches found
com.drobisch:flink-connector-elasticsearch-e2e-tests-common (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant), com.drobisch:flink-connector-elasticsearch6-e2e-tests (>=4.0.0-serde-fixes <=4.0.5-fault-tolerant) +25 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.0.0 <=2.0.1)
org.apache.flink:flink-table-api-java MAVEN version =2.0.0, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =4.0.0-serde-fixes, =26.0.0, =0.2.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...
com.couchbase.client.flink-connector-couchbase_2.12:flink-connector-couchbase_2.12 (=0.5.0), com.datasqrl.flinkrunner:kafka-safe-connector (>=0.9.0-alpha1 <=0.9.0-alpha2) +29 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-api-java (>=2.1.0 <=2.1.1)
org.apache.flink:flink-table-api-java MAVEN version =2.1.0, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =0.9.0-alpha1, =26.0.0, =0.2.0, =2.1.0, =2.1.0, =2.1.1 and more Source cves: CVE-2026-35194 Source advisory: OSV:GHSA-2F54-V4HM-FX73...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the quote function that fails to properly escape special characters. An attacker can execute arbitrary SQL commands by supplying specially crafted input values for database name or table names. Remediation Upgrade...
org.apache.pinot:pinot-flink-connector (>=1.0.0 <=1.2.0), org.apache.pinot:pinot-minion-builtin-tasks (>=1.0.0 <=1.2.0) +1 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-controller (>=1.0.0 <=1.2.0)
org.apache.pinot:pinot-controller MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.2.0 Source cves: CVE-2024-56325 Source advisory: SNYK:JAVA-ORGAPACHEPINOT-9637840...
org.apache.pinot:pinot-distribution (>=0.1.0 <=0.9.3), org.apache.pinot:pinot-flink-connector (>=1.0.0 <=1.2.0) +6 more potentially affected by CVE-2024-56325 via org.apache.pinot:pinot-controller (>=0.1.0 <=1.2.0)
org.apache.pinot:pinot-controller MAVEN version =0.1.0, =0.1.0, =1.0.0, =0.9.0, =0.1.0, =0.8.0, =0.8.0, =0.1.0, =0.1.0, =0.9.3 Source cves: CVE-2024-56325 Source advisory: OSV:GHSA-6JWP-4WVJ-6597...
org.apache.pinot:pinot-compatibility-verifier (=0.10.0), org.apache.pinot:pinot-distribution (>=0.1.0 <=0.10.0) +7 more potentially affected by CVE-2024-39676 via org.apache.pinot:pinot-controller (>=0.10.0 <=0.9.3)
org.apache.pinot:pinot-controller MAVEN version =0.10.0, =0.1.0, =0.11.0, =0.9.0, =0.1.0, =0.8.0, =0.8.0, =0.1.0, =0.1.0, =0.10.0 Source cves: CVE-2024-39676 Source advisory: OSV:GHSA-8GJ9-R4HV-3JJW...
com.hotels:beeju (=4.0.1), com.mydataharbor:jdbc-hive-2.2.x-plugin (>=1.1.1 <=2.0.2) +45 more potentially affected by CVE-2018-1315 via org.apache.hive:hive-service (>=2.1.0 <=2.3.2)
org.apache.hive:hive-service MAVEN version =2.1.0, =1.1.1, =1.1.0, =5.1.0, =1.15.4, =0.9.1, =0.8.4, =0.8.3, =0.8.3, =0.8.3, =0.8.3, =1.2.0, =2.0.1, =1.2.0, =3.0.6 and more Source cves: CVE-2018-1315 Source advisory: OSV:GHSA-P639-XXV5-J383...