CVE-2024-36265
- EPSS 0.27%
- Veröffentlicht 12.06.2024 15:15:52
- Zuletzt bearbeitet 19.03.2025 21:15:36
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issu...
CVE-2024-36263
- EPSS 0.6%
- Veröffentlicht 12.06.2024 14:15:11
- Zuletzt bearbeitet 15.07.2025 16:38:17
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is re...
CVE-2024-36264
- EPSS 0.17%
- Veröffentlicht 12.06.2024 14:15:11
- Zuletzt bearbeitet 20.03.2025 19:15:29
** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache Submarine Commons Utils. If the user doesn't explicitly set `submarine.auth.default.secret`, a default value will be used. This issue affects Apache Submarine Commons ...
CVE-2023-37924
- EPSS 77.07%
- Veröffentlicht 22.11.2023 10:15:07
- Zuletzt bearbeitet 21.11.2024 08:12:28
Apache Software Foundation Apache Submarine has an SQL injection vulnerability when a user logs in. This issue can result in unauthorized login. Now we have fixed this issue and now user must have the correct login to access workbench. This issue aff...
CVE-2023-46302
- EPSS 0.16%
- Veröffentlicht 20.11.2023 09:15:07
- Zuletzt bearbeitet 21.11.2024 08:28:15
Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471 . Apache Submarine uses JAXRS to define REST endpoints. In order to handle YAML requ...