Vulnerabilities > Odata4J Project > Odata4J
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-30 | CVE-2016-11024 | SQL Injection vulnerability in Odata4J Project Odata4J 0.7 odata4j 0.7.0 allows ExecuteJPQLQueryCommand.java SQL injection. | 7.5 |
| 2020-03-30 | CVE-2016-11023 | SQL Injection vulnerability in Odata4J Project Odata4J 0.7 odata4j 0.7.0 allows ExecuteCountQueryCommand.java SQL injection. | 7.5 |
| 2015-01-15 | CVE-2014-0171 | XML External Entity Injection vulnerability in odata4j XML external entity (XXE) vulnerability in StaxXMLFactoryProvider2 in Odata4j, as used in Red Hat JBoss Data Virtualization before 6.0.0 patch 4, allows remote attackers to read arbitrary files via a crafted request to a REST endpoint. | 5.0 |