CVE-2022-0495

Опубликовано: 21 сент. 2022

Источник: nvd

CVSS3: 9.4

CVSS3: 9.8

EPSS Низкий

Описание

The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.

Ссылки

https://www.usom.gov.tr/bildirim/tr-22-0635
Third Party Advisory
https://www.usom.gov.tr/bildirim/tr-22-0635
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:parantezteknoloji:koha_library_automation:*:*:*:*:*:*:*:*

Версия до 19.05.03.01 (исключая)

EPSS

Процентиль: 62%

0.0043

Низкий

9.4 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-2hr4-jcq5-r7fq

CVSS3: 9.8

github

больше 3 лет назад

The library automation system product KOHA developed by Parantez Teknoloji before version 19.05.03 has an unauthenticated SQL Injection vulnerability. This has been fixed in the version 19.05.03.01.

EPSS

Процентиль: 62%

0.0043

Низкий

9.4 Critical

CVSS3

9.8 Critical

CVSS3

Дефекты

CWE-89