Описание
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.1.27~101-g0780600+dfsg-3ubuntu2.4 |
| devel | released | 2.1.27+dfsg2-3ubuntu1 |
| esm-infra-legacy/trusty | not-affected | 2.1.25.dfsg1-17ubuntu0.1~esm2 |
| esm-infra/bionic | not-affected | 2.1.27~101-g0780600+dfsg-3ubuntu2.4 |
| esm-infra/focal | not-affected | 2.1.27+dfsg-2ubuntu0.1 |
| esm-infra/xenial | released | 2.1.26.dfsg1-14ubuntu0.2+esm1 |
| focal | released | 2.1.27+dfsg-2ubuntu0.1 |
| impish | released | 2.1.27+dfsg-2.1ubuntu0.1 |
| jammy | released | 2.1.27+dfsg2-3ubuntu1 |
| trusty/esm | released | 2.1.25.dfsg1-17ubuntu0.1~esm2 |
Показывать по
10
6.5 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
CVSS3: 8.8
redhat
больше 3 лет назад
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
CVSS3: 8.8
nvd
больше 3 лет назад
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.
CVSS3: 8.8
debian
больше 3 лет назад
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does ...
6.5 Medium
CVSS2
8.8 High
CVSS3