Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/07/22 2:50 p.m.9 views

CVE-2025-7894

A vulnerability, which was classified as critical, has been found in Onyx up to 0.29.1. This issue affects the function generatesimplesql of the file backend/onyx/agents/agentsearch/kbsearch/nodes/a3generatesimplesql.py of the component Chat Interface. The manipulation leads to sql injection. The...

9.8CVSS7.5AI score0.00488EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/07/20 2:2 p.m.14 views

CVE-2025-7894 Onyx Chat Interface a3_generate_simple_sql.py generate_simple_sql sql injection

A vulnerability, which was classified as critical, has been found in Onyx up to 0.29.1. This issue affects the function generatesimplesql of the file backend/onyx/agents/agentsearch/kbsearch/nodes/a3generatesimplesql.py of the component Chat Interface. The manipulation leads to sql injection. The...

6.5CVSS0.00488EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/07/20 2:2 p.m.3 views

CVE-2025-7894 Onyx Chat Interface a3_generate_simple_sql.py generate_simple_sql sql injection

A vulnerability, which was classified as critical, has been found in Onyx up to 0.29.1. This issue affects the function generatesimplesql of the file backend/onyx/agents/agentsearch/kbsearch/nodes/a3generatesimplesql.py of the component Chat Interface. The manipulation leads to sql injection. The...

6.5CVSS7.4AI score0.00488EPSS
Exploits1References4
CVE
CVE
added 2025/07/20 2:2 p.m.26 views

CVE-2025-7894

Onyx is affected up to version 0.29.1, with the SQL injection vulnerability arising via the generate_simple_sql function in backend/onyx/agents/agent_search/kb_search/nodes/a3_generate_simple_sql.py (Chat Interface). The issue allows remote exploitation and has been publicly disclosed. Connected ...

9.8CVSS7.4AI score0.00488EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder