Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-36111
HistoryNov 23, 2022 - 6:15 p.m.

Code injection

2022-11-2318:15:00
PRIOn knowledge base
www.prio-n.com
1
immudb
1.4.1
code injection

0.001 Low

EPSS

Percentile

48.9%

JSON

immudb is a database with built-in cryptographic proof and verification. In versions prior to 1.4.1, a malicious immudb server can provide a falsified proof that will be accepted by the client SDK signing a falsified transaction replacing the genuine one. This situation can not be triggered by a genuine immudb server and requires the client to perform a specific list of verified operations resulting in acceptance of an invalid state value. This vulnerability only affects immudb client SDKs, the immudb server itself is not affected by this vulnerability. This issue has been patched in version 1.4.1.

CPENameOperatorVersion
immudblt1.4.1

Related

osv 3
nvd 1
cvelist 1
veracode 1
cve 1
github 1
osv
osv
CVE-2022-36111
2022-11-23 18:15:11
Insufficient verification of proofs in github.com/codenotary/immudb
2022-12-22 22:30:39
Insufficient Verification of Proofs generated by the immudb server in client SDK.
2022-11-21 20:38:39
nvd
nvd
CVE-2022-36111
2022-11-23 18:15:11
cvelist
cvelist
CVE-2022-36111 immundb has insufficient verification of data authenticity
2022-11-23 00:00:00
veracode
veracode
Improper Authorization
2022-11-24 16:38:12
cve
cve
CVE-2022-36111
2022-11-23 18:15:11
github
github
Insufficient Verification of Proofs generated by the immudb server in client SDK.
2022-11-21 20:38:39

0.001 Low

EPSS

Percentile

48.9%

JSON
Related for PRION:CVE-2022-36111
osv3nvd1cvelist1veracode1cve1github1