MidnightBSD

Advisories for hibernate

CVE-2019-14900 MEDIUM

A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
hibernate hibernate_orm *
redhat jboss_enterprise_application_platform 7.4
redhat jboss_data_grid 7.0.0
redhat openstack 14
redhat jboss_middleware_text-only_advisories -
redhat fuse *
redhat jboss_enterprise_application_platform 7.2
redhat decision_manager 7.0
redhat openstack 10
redhat openstack 13
quarkus quarkus *
redhat single_sign-on -
redhat build_of_quarkus -
redhat jboss_enterprise_application_platform -
redhat jboss_enterprise_application_platform 7.3
CVE-2020-25638 MEDIUM

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SQL comments of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,CWE-89,

Products Affected

Vendor Product Version
hibernate hibernate_orm *
oracle retail_customer_management_and_segmentation_foundation 19.0
debian debian_linux 10.0
quarkus quarkus *
debian debian_linux 9.0
oracle communications_cloud_native_core_console 1.9.0
CVE-2023-1932

A flaw was found in hibernate-validator's 'isValid' method in the org.hibernate.validator.internal.constraintvalidators.hv.SafeHtmlValidator class, which can be bypassed by omitting the tag ending in a less-than character. Browsers may render an invalid html, allowing HTML injection or Cross-Site-Scripting (XSS) attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

Products Affected

Vendor Product Version
redhat openstack_platform 13.0
redhat codeready_studio 12.0
redhat jboss_enterprise_application_platform -
hibernate hibernate-validator *
redhat jboss_enterprise_application_platform 7.0.0
redhat single_sign-on 7.0