Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Odata4j Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-11023 1 Odata4j Project 1 Odata4j 2020-03-30 7.5 HIGH 9.8 CRITICAL
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
CVE-2016-11024 1 Odata4j Project 1 Odata4j 2020-03-30 7.5 HIGH 9.8 CRITICAL
odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
CVE-2014-0171 2 Odata4j Project, Redhat 2 Odata4j, Jboss Data Virtualization 2020-03-26 5.0 MEDIUM N/A
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.