Lucene search

K

GoogleOSV:GHSA-2CHV-87WJ-PJV2

HistoryMay 24, 2022 - 4:54 p.m.

OHDSI WebAPI vulnerable to SQL Injection

2022-05-2416:54:46

Google

osv.dev

5

0.002 Low

EPSS

Percentile

58.6%

Observational Health Data Sciences and Informatics (OHDSI) WebAPI before 2.7.2 allows SQL injection in FeatureExtractionService.java.

References

github.com/OHDSI/WebAPI

github.com/OHDSI/WebAPI/commit/d7b12b2f5234e425e5bc76545e75de0d6eb3f8fd

github.com/OHDSI/WebAPI/milestone/28?closed=1

github.com/OHDSI/WebAPI/pull/1101

github.com/OHDSI/WebAPI/releases/tag/v2.7.2

nvd.nist.gov/vuln/detail/CVE-2019-15563

0.002 Low

EPSS

Percentile

58.6%

Related for OSV:GHSA-2CHV-87WJ-PJV2

cve1 prion1 osv1 cvelist1 nvd1 github1