Description
In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.
Remediation
References
http://db.apache.org/derby/releases/release-10.6.2.1.html#Note+for+DERBY-2925
http://www.securityfocus.com/bid/101562
https://issues.apache.org/jira/browse/DERBY-2925
Related Vulnerabilities
CVE-2023-36468 Vulnerability in maven package org.xwiki.platform:xwiki-platform-core
CVE-2023-3223 Vulnerability in maven package io.undertow:undertow-servlet
CVE-2017-12174 Vulnerability in maven package org.apache.activemq:artemis-core-client
CVE-2018-20676 Vulnerability in maven package org.webjars.bowergithub.jasny:bootstrap