HyperSQL Database is vulnerable to remote code execution. The vulnerability exists in the supportsJavaMethod
function of HsqlDatabaseProperties.java
due to the untrusted input process allowing an attacker to execute remote codes in the system.
hsqldb.org/doc/2.0/guide/sqlroutines-chapt.html#src_jrt_access_control
bugs.chromium.org/p/oss-fuzz/issues/detail?id=50212#c7
github.com/advisories/GHSA-77xx-rxvh-q682
github.com/ryenus/hsqldb/commit/b6719c67b41eb9298c2451ad2829bf03b262a941
lists.debian.org/debian-lts-announce/2022/12/msg00020.html
sourceforge.net/p/hsqldb/svn/6614/tree//base/trunk/src/org/hsqldb/persist/HsqlDatabaseProperties.java
www.debian.org/security/2023/dsa-5313