Hibernate Orm Hibernate Orm

Do you want an email whenever new security vulnerabilities are reported in Hibernate Orm?

By the Year

In 2022 there have been 0 vulnerabilities in Hibernate Orm . Hibernate Orm did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 2 6.95
2019 0 0.00
2018 0 0.00

It may take a day or so for new Hibernate Orm vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Hibernate Orm Security Vulnerabilities

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final

CVE-2020-25638 7.4 - High - December 02, 2020

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

SQL Injection

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1

CVE-2019-14900 6.5 - Medium - July 06, 2020

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.

SQL Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Single Sign On or by Hibernate? Click the Watch button to subscribe.

Hibernate
Vendor

Hibernate Orm
Product

subscribe