Hsqldb Hypersql Database
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Hsqldb Hypersql Database.
By the Year
In 2026 there have been 0 vulnerabilities in Hsqldb Hypersql Database. Hypersql Database did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 9.80 |
It may take a day or so for new Hypersql Database vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Hsqldb Hypersql Database Security Vulnerabilities
HSQDB 2.7.1 RCE via Statement allowing arbitrary static calls
CVE-2022-41853
9.8 - Critical
- October 06, 2022
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, System.setProperty("hsqldb.method_class_names", "abc") or Java argument -Dhsqldb.method_class_names="abc" can be used. From version 2.7.1 all classes by default are not accessible except those in java.lang.Math and need to be manually enabled.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Hsqldb Hypersql Database or by Hsqldb? Click the Watch button to subscribe.
