CVE-2024-36265
- EPSS 0.27%
- Published 12.06.2024 15:15:52
- Last modified 19.03.2025 21:15:36
** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issu...
CVE-2024-36263
- EPSS 0.6%
- Published 12.06.2024 14:15:11
- Last modified 15.07.2025 16:38:17
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is re...
CVE-2024-36264
- EPSS 0.17%
- Published 12.06.2024 14:15:11
- Last modified 20.03.2025 19:15:29
** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache Submarine Commons Utils. If the user doesn't explicitly set `submarine.auth.default.secret`, a default value will be used. This issue affects Apache Submarine Commons ...
CVE-2023-37924
- EPSS 77.07%
- Published 22.11.2023 10:15:07
- Last modified 21.11.2024 08:12:28
Apache Software Foundation Apache Submarine has an SQL injection vulnerability when a user logs in. This issue can result in unauthorized login. Now we have fixed this issue and now user must have the correct login to access workbench. This issue aff...
CVE-2023-46302
- EPSS 0.16%
- Published 20.11.2023 09:15:07
- Last modified 21.11.2024 08:28:15
Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-1471 . Apache Submarine uses JAXRS to define REST endpoints. In order to handle YAML requ...