Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:maven/com.orientechnologies/orientdb-studio@2.1.0
purl pkg:maven/com.orientechnologies/orientdb-studio@2.1.0
Next non-vulnerable version 2.1.1
Latest non-vulnerable version 2.1.1
Risk
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-m9dw-fhtn-dffn
Aliases:
CVE-2015-2918
GHSA-g4gg-9f62-jfph
Improper Input Validation The Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.
2.1.1
Affected by 0 other vulnerabilities.
VCID-xs9z-avgh-t3by
Aliases:
CVE-2015-2912
GHSA-p8ww-vv84-c2rm
Cross-Site Request Forgery (CSRF) The JSONP endpoint in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict callback values, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted HTTP request.
2.1.1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-06-02T04:38:31.137712+00:00 GitLab Importer Affected by VCID-xs9z-avgh-t3by https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.orientechnologies/orientdb-studio/CVE-2015-2912.yml 38.6.0
2026-06-02T04:38:29.465215+00:00 GitLab Importer Affected by VCID-m9dw-fhtn-dffn https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.orientechnologies/orientdb-studio/CVE-2015-2918.yml 38.6.0