CVE-2010-2232
Improper Access Control in Apache Derby
CVSS 3.1: 7.5 (HIGH)
EPSS: 1.7%
Description
In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file.
How to fix CVE-2010-2232
To remediate CVE-2010-2232, upgrade the affected package to a fixed version below.
- Maven/org.apache.derby:derby: upgrade to 10.4.2.0 or later
Is CVE-2010-2232 being exploited?
Low — EPSS is 1.7%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- Maven/org.apache.derby:derby: >= 10.1.2.1, < 10.4.2.0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH 7.5 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |