Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-3971
HistoryNov 13, 2022 - 10:15 a.m.

Sql injection

2022-11-1310:15:00
PRIOn knowledge base
www.prio-n.com
3
vulnerability
matrix-appservice-irc
critical
sql injection
code manipulation
postgres
patch
upgrading
version 0.36.0
component
vdb-213550 identifier

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON

A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to address this issue. The name of the patch is 179313a37f06b298150edba3e2b0e5a73c1415e7. It is recommended to upgrade the affected component. VDB-213550 is the identifier assigned to this vulnerability.

CPENameOperatorVersion
matrix_irc_bridgele0.36.0

Related

cvelist 1
nvd 1
osv 2
veracode 1
github 1
cve 1
cvelist
cvelist
CVE-2022-3971 matrix-appservice-irc PgDataStore.ts sql injection
2022-11-13 00:00:00
nvd
nvd
CVE-2022-3971
2022-11-13 10:15:09
osv
osv
CVE-2022-3971
2022-11-13 10:15:09
Matrix-appservice-irc vulnerable to sql injection via roomIds argument
2022-11-13 12:00:17
veracode
veracode
SQL Injection
2022-11-14 07:37:00
github
github
Matrix-appservice-irc vulnerable to sql injection via roomIds argument
2022-11-13 12:00:17
cve
cve
CVE-2022-3971
2022-11-13 10:15:09

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.7%

JSON
Related for PRION:CVE-2022-3971
cvelist1nvd1osv2veracode1github1cve1