2 matches found
CVE-2019-14900
CVE-2019-14900 affects Hibernate ORM prior to 5.3.18, 5.4.18, and 5.5.0.Beta1. The flaw is a SQL injection in the JPA Criteria API implementation that can permit unsanitized literals in the SELECT or GROUP BY clauses, enabling an attacker to access unauthorized information. The connected document...
CVE-2019-14860
CVE-2019-14860 affects Red Hat Fuse / Syndesis: the Syndesis CORS configuration was identified as allowing all origins, enabling potential phishing and unauthorized information access. The root cause is a default CORS policy that is too permissive for cross-origin requests. Public advisories (RHS...