3 matches found
CVE-2022-30331
The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...
CVE-2022-30331
The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...
CVE-2022-30331
TigerGraph 3.6.0 is affected by a vulnerability in the User-Defined Functions (UDF) feature that lets an attacker install a GSQL query without proper validation, enabling arbitrary C++ code execution. Impact is high (remote execution with elevated risk if UDF is enabled). Evidence from multiple s...