Vulnerabilities (CVE)

Filtered by vendor Odata4j Project Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2014-0171 2 Odata4j Project, Redhat 2 Odata4j, Jboss Data Virtualization 2024-11-21 5.0 MEDIUM N/A
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.
CVE-2016-11023 1 Odata4j Project 1 Odata4j 2024-02-28 7.5 HIGH 9.8 CRITICAL
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
CVE-2016-11024 1 Odata4j Project 1 Odata4j 2024-02-28 7.5 HIGH 9.8 CRITICAL
odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.