CVE-2022-3799

Опубликовано: 01 нояб. 2022

Источник: nvd

CVSS3: 6.3

CVSS3: 8.8

EPSS Низкий

Описание

A vulnerability classified as critical was found in IBAX go-ibax. Affected by this vulnerability is an unknown functionality of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212635.

Ссылки

https://github.com/IBAX-io/go-ibax/issues/2060
Issue Tracking
Third Party Advisory
https://vuldb.com/?id.212635
Third Party Advisory
https://github.com/IBAX-io/go-ibax/issues/2060
Issue Tracking
Third Party Advisory
https://vuldb.com/?id.212635
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ibax:go-ibax:-:*:*:*:*:*:*:*

EPSS

Процентиль: 54%

0.0031

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-707

CWE-89

Связанные уязвимости

GHSA-fcgf-j8cf-h2rm

CVSS3: 8.8

github

больше 3 лет назад

IBAX go-ibax vulnerable to SQL injection

EPSS

Процентиль: 54%

0.0031

Низкий

6.3 Medium

CVSS3

8.8 High

CVSS3

Дефекты

CWE-707

CWE-89