2 matches found
EUVD-2026-42221
Unauthenticated callers can supply a malicious H2 JDBC URL through the testConnection API, which executes arbitrary Java code on the server via H2's INIT parameter. Vulnerability in Apache Gravitino. This issue affects Apache Gravitino: before 1.2.1. Users are recommended to upgrade to version...
Jeecg-Boot Security Vulnerabilities
Jeecg-Boot is a low-code platform based on a code generator from the JeecgBoot community. A security vulnerability exists in Jeecg-Boot v3.5.3 and earlier versions, which stems from an arbitrary file read vulnerability in interface /testConnection...