Homepage

org.dashbuilder:dashbuilder-dataset-sql@0.5.0.Final vulnerabilities

  • latest version

    1.0.0.Final

  • latest non vulnerable version

    1.0.0.Final

  • first published

    10 years ago

  • latest version published

    7 years ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.dashbuilder:dashbuilder-dataset-sql package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    SQL Injection

    org.dashbuilder:dashbuilder-dataset-sql SQL injection vulnerability in the getStringParameterSQL method in main/java/org/dashbuilder/dataprovider/sql/dialect/DefaultDialect.java in Dashbuilder before 0.6.0.Beta1 allows remote attackers to execute arbitrary SQL commands via a data set lookup filter in the (1) Data Set Authoring or (2) Displayer editor UI.

    [,0.6.0.Beta1)
    Go back to all versions of this package