EPSS Percentile: 59.2%
Apache Derby is vulnerable to unauthorized file overwrites. The library accepts the file:// protocol in the URL, allowing a malicious user to overwrite existing files during an export.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2232
github.com/apache/derby/commit/ffa9392f7564652afc5d499a637aa2f5289cacc2
issues.apache.org/jira/browse/DERBY-2925