Debian Hsqldb vulnerabilities
3 known vulnerabilities affecting debian/hsqldb.
Total CVEs: 3
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 1, MEDIUM 1
Vulnerabilities
CVE-2023-1183 | MEDIUM | CVSS 5.0 | fixed in hsqldb 2.7.1-1+deb12u1 (bookworm) | 2023
A flaw was found in the LibreOffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
Scope: local
bookworm: resolved (fixed in 2.7.1-1+deb12u1)
bullseye: resolved (fixed in 2.5.1-1+deb11u2)
forky: resolved (fixed
CVE-2022-41853 | HIGH | CVSS 8.0 | fixed in hsqldb 2.7.1-1 (bookworm) | 2022
Those using java.sql.Statement or java.sql.PreparedStatement in hsqldb (HyperSQL DataBase) to process untrusted input may be vulnerable to a remote code execution attack. By default it is allowed to call any static method of any Java class in the classpath resulting in code execution. The issue can be prevented by updating to 2.7.1 or by setting the system property "
CVE-2007-4575 | CRITICAL | CVSS 9.3 | fixed in hsqldb 1.8.0.9-1 (bookworm) | 2007
HSQLDB before 1.8.0.9, as used in OpenOffice.org (OOo) 2 before 2.3.1, allows user-assisted remote attackers to execute arbitrary Java code via crafted database documents, related to "exposing static java methods."
Scope: local
bookworm: resolved (fixed in 1.8.0.9-1)
bullseye: resolved (fixed in 1.8.0.9-1)
forky: resolved (fixed in 1.8.0.9-1)
sid: resolved (fixed i