Derby@10.4.1.3 Security Vulnerabilities and Issues — Derby@10.4.1.3 CVE List

Lucene search

ApacheDerby10.4.1.3

2 matches found

CVE•added 2016/10/03 9:59 p.m.•142 views

CVE-2015-1832

XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML data...

9.1CVSS8.8AI score0.0036EPSS

CVE•added 2017/10/23 1:29 p.m.•73 views

CVE-2010-2232

In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.

7.5CVSS7.3AI score0.01673EPSS