Lucene search
Veracode Vulnerability DatabaseVERACODE:37492HistoryOct 11, 2022 - 9:00 a.m.
Remote Code Execution
2022-10-1109:00:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
org.hsqldb:hsqldb is vulnerable to remote code execution. Improper validation of untrusted inputs in supportsJavaMethod function allows an authenticated attacker to upload and execute malicious code on the system under attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| hypersql database | le | 2.7.0 | |
| hypersql database | le | 2.7.0 |
References
Related
nessus
nessus
Debian DSA-5313-1 : hsqldb - security update
2023-01-11 00:00:00
Oracle Linux 6 : hsqldb (ELSA-2023-12103)
2023-02-08 00:00:00
RHEL 6 : hsqldb (RHSA-2022:8559)
2022-11-21 00:00:00
osv
osv
HyperSQL DataBase vulnerable to remote code execution when processing untrusted input
2022-10-06 18:52:05
hsqldb - security update
2023-01-10 00:00:00
hsqldb - security update
2022-12-10 00:00:00
debian
debian
[SECURITY] [DSA 5313-1] hsqldb security update
2023-01-10 23:33:16
[SECURITY] [DLA 3234-1] hsqldb security update
2022-12-10 16:18:52
openvas
openvas
Debian: Security Advisory (DSA-5313-1)
2023-01-12 00:00:00
CentOS: Security Advisory for hsqldb (CESA-2022:8560)
2022-12-01 00:00:00
Debian: Security Advisory (DLA-3234-1)
2022-12-11 00:00:00
redhat
redhat
(RHSA-2022:8560) Important: hsqldb security update
2022-11-21 16:04:34
(RHSA-2022:8559) Important: hsqldb security update
2022-11-21 15:56:20
veracode
veracode
Remote Code Execution
2022-10-11 02:15:45
prion
prion
Design/Logic Flaw
2022-10-06 18:17:00
cnvd
cnvd
HSQLDB Code Execution Vulnerability
2022-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2022-41853
2022-10-06 00:00:00
cve
cve
CVE-2022-41853
2022-10-06 18:17:00
debiancve
debiancve
CVE-2022-41853
2022-10-06 18:17:00
redhatcve
redhatcve
CVE-2022-41853
2022-10-19 12:47:35
oraclelinux
oraclelinux
hsqldb security update
2023-02-09 00:00:00
hsqldb security update
2022-11-22 00:00:00
github
github
ibm
ibm
Security Bulletin: IBM InfoSphere Information Server is affected by a remote code execution vulnerability in HSQLDB (CVE-2022-41853)
2022-12-05 15:55:42
suse
suse
Security update for hsqldb (important)
2022-11-01 00:00:00
centos
centos
hsqldb security update
2022-11-30 23:02:46
amazon
amazon
Important: hsqldb
2023-01-18 20:56:00
Important: hsqldb
2023-01-18 00:17:00
qualysblog
qualysblog
Oracle Patch Tuesday, July 2023 Security Update Review
2023-07-19 15:56:06
oracle
oracle
Oracle Critical Patch Update Advisory - January 2023
2023-01-17 00:00:00
Oracle Critical Patch Update Advisory - April 2024
2024-04-16 00:00:00
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Related for VERACODE:37492