Filtered by vendor Odata4j Project Subscriptions
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-11024 1 Odata4j Project 1 Odata4j 2024-11-21 9.8 Critical
odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
CVE-2016-11023 1 Odata4j Project 1 Odata4j 2024-11-21 9.8 Critical
odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. NOTE: this product is apparently discontinued.
CVE-2014-0171 2 Odata4j Project, Redhat 2 Odata4j, Jboss Data Virtualization 2024-11-21 N/A
XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint.