Apache Submarine
5 CVEs affecting Apache Submarine. Latest disclosed: 2024-06-12. Critical: 4, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-36265 | Critical | 9.8 | 2024-06-12 | ** UNSUPPORTED WHEN ASSIGNED ** Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0… |
CVE-2024-36264 | Critical | 9.8 | 2024-06-12 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Authentication vulnerability in Apache Submarine Commons Utils. If the user doesn't explicitly set `submarine.auth.de… |
CVE-2023-37924 | Critical | 9.8 | 2023-11-22 | Apache Software Foundation Apache Submarine has an SQL injection vulnerability when a user logs in. This issue can result in unauthorized login. Now we have fi… |
CVE-2023-46302 | Critical | 9.8 | 2023-11-20 | Apache Software Foundation Apache Submarine has a bug when serializing against yaml. The bug is caused by snakeyaml https://nvd.nist.gov/vuln/detail/CVE-2022-… |
CVE-2024-36263 | High | 8.1 | 2024-06-12 | ** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server C… |