VulnerableCode Package Details - pkg:maven/org.hibernate/hibernate-core@5.5.0.Beta1

Search for packages

Vulnerability	Summary	Fixed by
VCID-qqu7-yqc6-rqab Aliases: CVE-2026-0603 GHSA-2p5w-cvg5-gc5c	org.hibernate/hibernate-core: Hibernate: Information disclosure and data deletion via second-order SQL injection	6.0.0.Alpha2 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-qqu7-yqc6-rqab
Aliases:
CVE-2026-0603
GHSA-2p5w-cvg5-gc5c

org.hibernate/hibernate-core: Hibernate: Information disclosure and data deletion via second-order SQL injection

6.0.0.Alpha2
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-qxnf-qs7c-4fby	SQL Injection in Hibernate ORM A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.	CVE-2019-14900 GHSA-8grg-q944-cch5

Vulnerability

Summary

Aliases

VCID-qxnf-qs7c-4fby

SQL Injection in Hibernate ORM A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.

CVE-2019-14900
GHSA-8grg-q944-cch5

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-29T22:54:43.828309+00:00	GitLab Importer	Affected by	VCID-qqu7-yqc6-rqab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.hibernate/hibernate-core/CVE-2026-0603.yml	38.5.0
2026-04-29T20:19:20.194186+00:00	GitLab Importer	Fixing	VCID-qxnf-qs7c-4fby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.hibernate/hibernate-core/CVE-2019-14900.yml	38.5.0
2026-04-19T17:39:50.959642+00:00	GitLab Importer	Affected by	VCID-qqu7-yqc6-rqab	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.hibernate/hibernate-core/CVE-2026-0603.yml	38.4.0
2026-04-16T21:39:40.043996+00:00	GitLab Importer	Fixing	VCID-qxnf-qs7c-4fby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.hibernate/hibernate-core/CVE-2019-14900.yml	38.4.0
2026-04-11T22:54:53.343581+00:00	GitLab Importer	Fixing	VCID-qxnf-qs7c-4fby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.hibernate/hibernate-core/CVE-2019-14900.yml	38.3.0
2026-04-02T23:03:58.427679+00:00	GitLab Importer	Fixing	VCID-qxnf-qs7c-4fby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.hibernate/hibernate-core/CVE-2019-14900.yml	38.1.0
2026-04-01T15:59:52.150421+00:00	GHSA Importer	Fixing	VCID-qxnf-qs7c-4fby	https://github.com/advisories/GHSA-8grg-q944-cch5	38.0.0
2026-04-01T13:06:24.758997+00:00	GithubOSV Importer	Fixing	VCID-qxnf-qs7c-4fby	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-8grg-q944-cch5/GHSA-8grg-q944-cch5.json	38.0.0
2026-04-01T12:49:30.826758+00:00	GitLab Importer	Fixing	VCID-qxnf-qs7c-4fby	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.hibernate/hibernate-core/CVE-2019-14900.yml	38.0.0