Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSV
OSVadded 2024/03/04 5:29 p.m.14 views

GO-2024-2587 SQL injection in github.com/apache/age/drivers/golang

SQL injection in github.com/apache/age/drivers/golang...

8.1CVSS8.4AI score0.00511EPSS
Exploits0References2
Veracode
Veracodeadded 2023/02/09 9:7 a.m.22 views

SQL Injection

Apache Age is vulnerable to SQL Injection attacks. A specifically crafted attack statement through the cypher function allows a malicious user to inject and execute arbitrary SQL queries on the target system due to the failure to fully utilize parameterization. This only impacts PostgreSQL 11 and...

8.1CVSS8.7AI score0.00511EPSS
Exploits0References3Affected Software2
OSV
OSVadded 2023/02/04 9:30 p.m.1 views

GHSA-6P5Q-H963-PWWF Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection

There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition t...

8.1CVSS7.3AI score0.00511EPSS
Exploits0References3
Github Security Blog
Github Security Blogadded 2023/02/04 9:30 p.m.13 views

Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection

There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition t...

8.1CVSS7.7AI score0.00511EPSS
Exploits0References3Affected Software2
Cvelist
Cvelistadded 2023/02/04 8:40 p.m.13 views

CVE-2022-45786 Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection

There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition t...

8.6AI score0.00511EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2023/02/04 8:40 p.m.5 views

CVE-2022-45786 Apache AGE: Python and Golang drivers allow data manipulation and exposure due to SQL injection

There are issues with the AGE drivers for Golang and Python that enable SQL injections to occur. This impacts AGE for PostgreSQL 11 & AGE for PostgreSQL 12, all versions up-to-and-including 1.1.0, when using those drivers. The fix is to update to the latest Golang and Python drivers in addition t...

8AI score0.00511EPSS
Exploits0References1
CNNVD
CNNVDadded 2023/02/04 12:0 a.m.1 views

Apache AGE SQL注入漏洞

Apache AGE is a PostgreSQL extension from the Apache Foundation that provides graphical database functionality. An SQL injection vulnerability exists in the Apache AGE driver, which stems from an inability to parameterize passed values, leading to SQL injection...

8.1CVSS7.9AI score0.00511EPSS
Exploits0References3
Rows per page
Query Builder