Hibernate Hibernate ORM 4.0.0 Alpha 2

CPE Details

Hibernate Hibernate ORM 4.0.0 Alpha 2
hibernate
hibernate_orm
4.0.0
2020-09-24
13h09 +00:00
2020-09-24
13h09 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:hibernate:hibernate_orm:4.0.0:alpha2:*:*:*:*:*:*

Informations

Vendor

hibernate

Product

hibernate_orm

Version

4.0.0

Update

alpha2

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-25638 2020-12-02 13h36 +00:00 A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
7.4
Haute
CVE-2019-14900 2020-07-06 16h35 +00:00 A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.
6.5
Moyen