Contains the core Apache Derby database engine, which also includes the embedded JDBC driver.
Known vulnerabilities in the org.apache.derby:derby package. This does not include vulnerabilities belonging to this package’s dependencies.Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
org.apache.derby:derby is a subproject of the Apache DB project.
Affected versions of this package are vulnerable to Security Bypass. A specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control.
How to fix Security Bypass?