Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-39135

Apache Calcite 1.22.0 introduced the SQL operators EXISTS_NODE, EXTRACT_XML, XML_TRANSFORM and EXTRACT_VALUE do not restrict XML External Entity references in their configuration, making them vulnerable to a potential XML External Entity (XXE) attack. Therefore any client exposing these operators, typically by using Oracle dialect (the first three) or MySQL dialect (the last one), is affected by this vulnerability (the extent of it will depend on the user under which the application is running). From Apache Calcite 1.32.0 onwards, Document Type Declarations and XML External Entity resolution are disabled on the impacted operators.

Published

2022-09-11T12:15:08.437

Last Modified

2024-11-21T07:17:38.763

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
CWE-611
Type: Secondary
CWE-611

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apache	calcite	< 1.32.0	Yes

References

http://www.openwall.com/lists/oss-security/2022/11/21/3 Mailing List, Mitigation, Third Party Advisory ([email protected])
https://lists.apache.org/thread/ohdnhlgm6jvt3srw8l7spkm2d5vwm082 Mailing List, Vendor Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/11/21/3 Mailing List, Mitigation, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread/ohdnhlgm6jvt3srw8l7spkm2d5vwm082 Mailing List, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)