CVE-2022-1531

2022-04-2909:15:08

Google

osv.dev

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.9%

JSON

SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.

CPENameOperatorVersion
rtxeqproduction_2020-05-06
rtxeqtrapi1.1final
rtxeqDec2021Demo-20211210
rtxeqproduction_2021-01-25
rtxeqproduction_2020-07-21
rtxeqproduction_2021-03-08
rtxeqproduction_2021-04-19
rtxeqproduction_2021-02-08
rtxeqKG2.5.0
rtxeqKG2.5.2

Name	Operator	Version
rtx	eq	production_2020-05-06
rtx	eq	trapi1.1final
rtx	eq	Dec2021Demo-20211210
rtx	eq	production_2021-01-25
rtx	eq	production_2020-07-21
rtx	eq	production_2021-03-08
rtx	eq	production_2021-04-19
rtx	eq	production_2021-02-08
rtx	eq	KG2.5.0
rtx	eq	KG2.5.2