Description

A vulnerability was found in nickzren alsdb. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection. Upgrading to version v2 is able to address this issue. The identifier of the patch is cbc79a68145e845f951113d184b4de207c341599. It is recommended to upgrade the affected component. The identifier VDB-218429 was assigned to this vulnerability.

Related CPE's

a

columbia

als_data_browser

1

Vulnerable

References

https://github.com/nickzren/alsdb/commit/cbc79a68145e845f951113d184b4de207c341599

PatchThird Party Advisory

https://github.com/nickzren/alsdb/releases/tag/v2

Release NotesThird Party Advisory

https://vuldb.com/?ctiid.218429

Permissions RequiredThird Party AdvisoryVDB Entry

https://vuldb.com/?id.218429

Third Party AdvisoryVDB Entry

Weaknesses

[email protected]

Primary
CWE-89

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-01-17T16:15:16.383

2 years ago

Last modified

2024-05-17T01:08:09.830

1 year ago