Lucene search
GoogleOSV:CVE-2022-45207HistoryNov 25, 2022 - 5:15 p.m.
CVE-2022-45207
2022-11-2517:15:11
Google
osv.dev
1
jeecg-boot v3.4.3
sql injection
cve-2022-45207
component updatenullbyemptystring
software
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.3%
Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jeecg-boot | eq | 2.1.2 | |
| jeecg-boot | eq | 2.1.4 | |
| jeecg-boot | eq | 3.3.0 | |
| jeecg-boot | eq | 3.4.3 | |
| jeecg-boot | eq | 3.1.0 | |
| jeecg-boot | eq | 2.1.3 | |
| jeecg-boot | eq | 2.3 | |
| jeecg-boot | eq | 3.4.0 | |
| jeecg-boot | eq | 2.2.1 | |
| jeecg-boot | eq | 2.4.0 |
Related
cve
cve
CVE-2022-45207
2022-11-25 17:15:11
cvelist
cvelist
CVE-2022-45207
2022-11-25 00:00:00
osv
osv
Jeecg-boot vulnerable to SQL injection via updateNullByEmptyString
2022-11-25 18:30:25
prion
prion
Sql injection
2022-11-25 17:15:00
nvd
nvd
CVE-2022-45207
2022-11-25 17:15:11
github
github
Jeecg-boot vulnerable to SQL injection via updateNullByEmptyString
2022-11-25 18:30:25
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
52.3%
Related for OSV:CVE-2022-45207