GHSA-v74c-qc46-9gg9

Suggest an improvement
Source
https://github.com/advisories/GHSA-v74c-qc46-9gg9
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/06/GHSA-v74c-qc46-9gg9/GHSA-v74c-qc46-9gg9.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-v74c-qc46-9gg9
Aliases
  • CVE-2024-36263
Published
2024-06-12T15:31:45Z
Modified
2024-06-12T20:12:56.137702Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
Apache Submarine Server Core has a SQL Injection Vulnerability
Details

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core.

This issue affects Apache Submarine Server Core: all versions.

As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

References

Affected packages

Maven / org.apache.submarine:submarine-server-core

Package

Name
org.apache.submarine:submarine-server-core
View open source insights on deps.dev
Purl
pkg:maven/org.apache.submarine/submarine-server-core

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
0.8.0

Affected versions

0.*

0.4.0
0.6.0
0.7.0
0.8.0-RC0
0.8.0