** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core.

This issue affects Apache Submarine Server Core: all versions.

As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.

NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 16 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00145}

epss

{'score': 0.00462}


Thu, 13 Feb 2025 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Apache
Apache submarine
CPEs cpe:2.3:a:apache:submarine:*:*:*:*:*:*:*:*
Vendors & Products Apache
Apache submarine
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 13 Feb 2025 18:00:00 +0000

Type Values Removed Values Added
Description ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Wed, 21 Aug 2024 16:00:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published:

Updated: 2025-02-13T17:52:52.302Z

Reserved: 2024-05-22T10:10:43.893Z

Link: CVE-2024-36263

cve-icon Vulnrichment

Updated: 2024-08-02T03:37:05.240Z

cve-icon NVD

Status : Analyzed

Published: 2024-06-12T14:15:11.740

Modified: 2025-07-15T16:38:17.863

Link: CVE-2024-36263

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.