OSV:GHSA-9V66-9239-CQV2
Aug 17, 2023 - 9:30 p.m.

Jeecg-boot SQL Injection vulnerability

2023-08-17 21:30:53
Google
osv.dev
sql injection
vulnerability
jeecg-boot
3.5.0
benchmark
pg_sleep
dbms_lock.sleep
waitfor
decode
dbms_pipe.receive_message
software

CVSS3: 5.5 Medium

Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.0004 Low
Percentile: 5.1%

SQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.

