Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2022-55630
HistoryJul 30, 2022 - 12:00 a.m.

Apache Calcite Code Injection Vulnerability

2022-07-3000:00:00
China National Vulnerability Database
www.cnvd.org.cn
17
apache calcite
code injection
avatica
jdbc driver
vulnerability
database
data management
exploitation
remote code execution
apache foundation
security advisory

EPSS

0.002

Percentile

51.7%

JSON

Apache Calcite is an open source framework from the Apache Foundation for building database and data management systems.A code injection vulnerability exists in the Apache Calcite Avatica JDBC driver, which stems from the fact that classes are not verified to implement the expected interface before instantiation, and can be exploited by attackers to cause code execution via arbitrary class loading and, in rare cases, remote code execution.

Related

osv 3
github 1
cve 1
veracode 1
cvelist 1
ibm 5
prion 1
nvd 1
wolfi 1
nessus 2
osv
osv
CVE-2022-36364
2022-07-28 09:15:08
CGA-5w69-hjc2-pq79
2024-09-08 12:19:50
Apache Calcite Avatica JDBC driver arbitrary code execution
2022-07-29 00:00:44
github
github
Apache Calcite Avatica JDBC driver arbitrary code execution
2022-07-29 00:00:44
cve
cve
CVE-2022-36364
2022-07-28 09:15:08
veracode
veracode
Arbitrary Code Execution
2022-07-29 03:39:13
cvelist
cvelist
CVE-2022-36364 Apache Calcite Avatica JDBC driver `httpclient_impl` connection property can be used as an RCE vector
2022-07-28 08:35:10
ibm
ibm
Security Bulletin: Potential vulnerability in Apache Calcite Avatica affects IBM Operations Analytics - Log Analysis (CVE-2022-36364)
2022-11-22 09:43:51
Security Bulletin: Vulnerability in Apache Calcite Avatica affects watsonx.data
2024-08-14 15:38:45
Security Bulletin: IBM Cognos Analytics has addressed multiple vulnerabilities (CVE-2021-29469, CVE-2022-39160, CVE-2022-38708, CVE-2022-42003, CVE-2022-42004, CVE-2022-43883, CVE-2022-43887, CVE-2022-25647, CVE-2022-36364)
2023-03-10 23:31:08
prion
prion
Code injection
2022-07-28 09:15:00
nvd
nvd
CVE-2022-36364
2022-07-28 09:15:08
wolfi
wolfi
CVE-2022-36364 vulnerabilities
2024-09-30 09:32:54
nessus
nessus
IBM Cognos Analytics Multiple Vulnerabilities (6841801)
2023-01-05 00:00:00
Splunk Enterprise 9.0.0 < 9.0.9, 9.1.0 < 9.1.4, 9.2.0 < 9.2.1 (SVD-2024-0718)
2024-07-01 00:00:00

EPSS

0.002

Percentile

51.7%

JSON
Related for CNVD-2022-55630
osv3github1cve1veracode1cvelist1ibm5prion1nvd1wolfi1nessus2