VYPR

Maven package

com.orientechnologies/orientdb-core

pkg:maven/com.orientechnologies/orientdb-core

Vulnerabilities (1)

  • CVE-2017-11467CriJul 20, 2017
    affected < 2.2.23fixed 2.2.23

    OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.