Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/hsqldb@1.8.0.9-3
purl pkg:deb/debian/hsqldb@1.8.0.9-3
Next non-vulnerable version 2.5.1-1+deb11u2
Latest non-vulnerable version 2.5.1-1+deb11u2
Risk 4.5
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-e7dq-77gj-1fc2
Aliases:
CVE-2023-1183
libreoffice: Arbitrary file write
2.5.1-1+deb11u2
Affected by 0 other vulnerabilities.
VCID-knw5-d2nn-vyhq
Aliases:
CVE-2022-41853
GHSA-77xx-rxvh-q682
HyperSQL DataBase vulnerable to remote code execution when processing untrusted input Those using `java.sql.Statement` or `java.sql.PreparedStatement` in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "hsqldb.method_class_names" to classes which are allowed to be called. For example, `System.setProperty("hsqldb.method_class_names", "abc")` or Java argument `-Dhsqldb.method_class_names="abc"` can be used. From version 2.7.1 all classes by default are not accessible except those in `java.lang.Math` and need to be manually enabled.
2.5.1-1+deb11u2
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-ymqq-9gmh-6kfn An unspecified vulnerability has been reported in OpenOffice.org, possibly allowing for the execution of arbitrary code. CVE-2007-4575

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:27:59.563633+00:00 Debian Oval Importer Affected by VCID-knw5-d2nn-vyhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:25:05.420878+00:00 Debian Oval Importer Fixing VCID-ymqq-9gmh-6kfn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:19:39.003668+00:00 Debian Oval Importer Affected by VCID-e7dq-77gj-1fc2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T23:03:20.912540+00:00 Debian Oval Importer Affected by VCID-knw5-d2nn-vyhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:10:09.795629+00:00 Debian Oval Importer Fixing VCID-ymqq-9gmh-6kfn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:06:07.768333+00:00 Debian Oval Importer Affected by VCID-e7dq-77gj-1fc2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T22:37:13.743530+00:00 Debian Oval Importer Affected by VCID-knw5-d2nn-vyhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:56:30.962616+00:00 Debian Oval Importer Fixing VCID-ymqq-9gmh-6kfn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:55:21.469730+00:00 Debian Oval Importer Affected by VCID-e7dq-77gj-1fc2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0