CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2024-36265 – Apache Submarine Server Core: authorization bypass
https://notcve.org/view.php?id=CVE-2024-36265
12 Jun 2024 — Incorrect Authorization vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: from 0.8.0. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. • http://www.openwall.com/lists/oss-security/2024/06/12/3 • CWE-863: Incorrect Authorization •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-36263 – Apache Submarine Server Core: SQL injection
https://notcve.org/view.php?id=CVE-2024-36263
12 Jun 2024 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Apache Submarine Server Core. This issue affects Apache Submarine Server Core: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. • http://www.openwall.com/lists/oss-security/2024/06/12/1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •