Description

In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.

Remediation

References

https://issues.apache.org/jira/browse/DERBY-2925

http://db.apache.org/derby/releases/release-10.6.2.1.html#Note+for+DERBY-2925

http://www.securityfocus.com/bid/101562

Related Vulnerabilities

CVE-2023-43500 Vulnerability in maven package com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer

CVE-2022-24728 Vulnerability in maven package org.webjars.bowergithub.ckeditor:ckeditor4

CVE-2018-17145 Vulnerability in npm package bcoin

CVE-2023-40185 Vulnerability in npm package shescape

CVE-2023-31126 Vulnerability in maven package org.xwiki.commons:xwiki-commons-xml

Severity

High

Classification

CWE-284 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Tags

Release Notes Patch Vendor Advisory Issue Tracking