Skip to main content

Apache Calcite Avatica

1 CVEs product

Monthly

CVE-2022-36364 Maven HIGH PATCH This Week

Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache RCE Apache Calcite Avatica
NVD
CVSS 3.1
8.8
EPSS
2.3%
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Apache Calcite Avatica JDBC driver creates HTTP client instances based on class names provided via `httpclient_impl` connection property; however, the driver does not verify if the class implements. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache RCE Apache Calcite Avatica
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy