Vulnerabilities > Mybatis

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-05	CVE-2023-25330	SQL Injection vulnerability in Mybatis A SQL injection vulnerability in Mybatis plus below 3.5.3.1 allows remote attackers to execute arbitrary SQL commands via the tenant ID valuer. network low complexity mybatis CWE-89 critical	9.8
2022-09-02	CVE-2022-36594	SQL Injection vulnerability in Mybatis Mapper Mapper v4.0.0 to v4.2.0 was discovered to contain a SQL injection vulnerability via the ids parameter at the selectByIds function. network low complexity mybatis CWE-89 critical	9.8
2020-10-10	CVE-2020-26945	Deserialization of Untrusted Data vulnerability in Mybatis MyBatis before 3.5.6 mishandles deserialization of object streams. network high complexity mybatis CWE-502	8.1

Vulnerabilities > Mybatis {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Mybatis"}]}