Description

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=1666499

https://security.netapp.com/advisory/ntap-20220210-0020/

https://lists.apache.org/thread.html/r833c1276e41334fa675848a08daf0c61f39009f9f9a400d9f7006d44%40%3Cdev.turbine.apache.org%3E

Related Vulnerabilities

CVE-2021-23463 Vulnerability in maven package com.h2database:h2

CVE-2020-21125 Vulnerability in maven package com.bstek.ureport:ureport2-console

CVE-2022-24847 Vulnerability in maven package org.geoserver.community:gs-jdbcconfig

CVE-2018-20000 Vulnerability in maven package org.bedework:bw-webdav

CVE-2019-14653 Vulnerability in maven package org.webjars.npm:editor.md

Severity

High

Classification

CWE-89 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Issue Tracking Third Party Advisory