Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-11023 | 1 Odata4j Project | 1 Odata4j | 2020-03-30 | 7.5 HIGH | 9.8 CRITICAL |
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued. | |||||
CVE-2016-11024 | 1 Odata4j Project | 1 Odata4j | 2020-03-30 | 7.5 HIGH | 9.8 CRITICAL |
odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued. | |||||
CVE-2014-0171 | 2 Odata4j Project, Redhat | 2 Odata4j, Jboss Data Virtualization | 2020-03-26 | 5.0 MEDIUM | N/A |
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint. |