Maven package
com.orientechnologies/orientdb-core
pkg:maven/com.orientechnologies/orientdb-core
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-11467 | Cri | 9.8 | < 2.2.23 | 2.2.23 | Jul 20, 2017 | OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request. |
- affected < 2.2.23fixed 2.2.23
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.