{"id":"OESA-2026-1487","summary":"hsqldb security update","details":"HSQLdb is a relational database engine written in JavaTM , with a JDBC driver, supporting a subset of ANSI-92 SQL. It offers a small (about 100k), fast database engine which offers both in memory and disk based tables. Embedded and server modes are available. Additionally, it includes tools such as a minimal web server, in-memory query and management tools (can be run as applets or servlets, too) and a number of demonstration examples. Downloaded code should be regarded as being of production quality. The product is currently being used as a database and persistence engine in many Open Source Software projects and even in commercial projects and products! In it's current version it is extremely stable and reliable. It is best known for its small size, ability to execute completely in memory and its speed. Yet it is a completely functional relational database management system that is completely free under the Modified BSD License. Yes, that's right, completely free of cost or restrictions!\r\n\r\nSecurity Fix(es):\n\nA flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.(CVE-2023-1183)","modified":"2026-03-11T07:15:46.970042Z","published":"2026-03-06T12:41:06Z","upstream":["CVE-2023-1183"],"database_specific":{"severity":"Medium"},"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-1487"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1183"}],"affected":[{"package":{"name":"hsqldb","ecosystem":"openEuler:24.03-LTS-SP2","purl":"pkg:rpm/openEuler/hsqldb&distro=openEuler-24.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.0-6.oe2403sp2"}]}],"ecosystem_specific":{"src":["hsqldb-2.4.0-6.oe2403sp2.src.rpm"],"noarch":["hsqldb-2.4.0-6.oe2403sp2.noarch.rpm","hsqldb-demo-2.4.0-6.oe2403sp2.noarch.rpm","hsqldb-javadoc-2.4.0-6.oe2403sp2.noarch.rpm","hsqldb-lib-2.4.0-6.oe2403sp2.noarch.rpm","hsqldb-manual-2.4.0-6.oe2403sp2.noarch.rpm"]},"database_specific":{"source":"https://repo.openeuler.org/security/data/osv/OESA-2026-1487.json"}}],"schema_version":"1.7.5"}