Lucene search
+L

7 matches found

ibm
ibm
added 2022/11/03 5:10 p.m.41 views

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer operands that use the postgresql connector code may be vulnerable to SQL Injection due to [CVE-2022-35942]

Summary The postgresql Loopback connector is available in the IntegrationServer image from IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container does not use this component directly but it is available for use by an application developed to run in an...

10CVSS9.3AI score0.00547EPSS
Exploits0Affected Software1
nvd
nvd
added 2022/08/12 11:15 p.m.15 views

CVE-2022-35942

Improper input validation on the contains LoopBack filter may allow for arbitrary SQL injection. When the extended filter property contains is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality and integrity of data...

10CVSS0.00547EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2022/08/12 10:25 p.m.7 views

CVE-2022-35942 loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter

Improper input validation on the contains LoopBack filter may allow for arbitrary SQL injection. When the extended filter property contains is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality and integrity of data...

9.3CVSS9.8AI score0.00547EPSS
Exploits0References2
cve
cve
added 2022/08/12 10:25 p.m.130 views

CVE-2022-35942

The CVE-2022-35942 issue affects loopback-connector-postgresql (LoopBack) where improper input validation of the contains filter allows SQL injection when interpreted by the PostgreSQL connector. A patch was released in loopback-connector-postgresql v5.5.1 to fix this. Impacts include cases where...

10CVSS9.8AI score0.00547EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2022/08/12 10:25 p.m.24 views

CVE-2022-35942 loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter

Improper input validation on the contains LoopBack filter may allow for arbitrary SQL injection. When the extended filter property contains is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality and integrity of data...

9.3CVSS10AI score0.00547EPSS
Exploits0References2
osv
osv
added 2022/08/12 10:25 p.m.42 views

CVE-2022-35942 loopback-connector-postgresql Vulnerable to Improper Sanitization of `contains` Filter

Improper input validation on the contains LoopBack filter may allow for arbitrary SQL injection. When the extended filter property contains is permitted to be interpreted by the Postgres connector, it is possible to inject arbitrary SQL which may affect the confidentiality and integrity of data...

9.3CVSS9.2AI score0.00547EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2022/08/11 9:13 p.m.5 views

@maksym.khudyakov/feature-signup (>=1.0.0-alpha <=1.0.6-alpha), @maksym.khudyakov/feature-todo (>=1.0.0-alpha <=1.0.25-alpha) +20 more potentially affected by CVE-2022-35942 via loopback-connector-postgresql (>=2.4.1 <=3.9.1)

loopback-connector-postgresql NPM version =2.4.1, =1.0.0-alpha, =1.0.0-alpha, =1.0.1, =1.0.0, =1.0.12, =1.0.12, =0.0.13, =0.0.17, =1.0.0, =0.0.2, =0.0.1, =1.0.0, =1.0.1 and more Source cves: CVE-2022-35942 Source advisory: OSV:GHSA-J259-6C58-9M58...

10CVSS7.2AI score0.00547EPSS
Exploits0
Rows per page
Query Builder