Potential Remote Code Execution Vulnerability Discovered In HyperSQL
A potential remote code execution vulnerability (CVE-2022-41853) was detected in HSQLDB with a critical CVSS base score of 9.8. All versions <= 2.7.0 are affected. More details, impact and remediation can be found in the Code Intelligence blog post.
HSQLDB is used by more than 3,113 Maven packages, including LibreOffice, JBoss, Log4j, Hibernate, and Spring-Boot (which themselves have thousands of usages, creating potential transitive risk), as well as enterprise software.
Code Intelligence Raises $12M for Dev-First Security
We are thrilled to announce that we secured Series A funding of $12 million and welcome Thomas Dohmke, CEO of GitHub, as our new business angel.
Our Log4j Bug Detectors Are Now in Google’s OSS-Fuzz
Code Intelligence implemented bug detectors for remote code execution vulnerabilities (RCEs) in Google’s open-source fuzzing framework, OSS-Fuzz.
Open-Source: Jazzer Fixes 19 Bugs in Jsoup
With Jazzer, we were able to find over 19 bugs in Jsoup. Jsoup is a popular open-source library used to parse, extract and manipulate data stored in HTML.