10 matches found
CVE-2026-34717 OpenProject: SQL Injection in Cost Reporting =n Operator via parse_number_string
OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3...
CVE-2026-34717
OpenProject vulnerability CVE-2026-34717 affects the cost reporting feature. The issue arises in the =n operator used in modules/reporting/lib/report/operator.rb:177 where user input is embedded directly into SQL WHERE clauses without parameterization, creating a SQL injection risk. The root caus...
OpenProject SQL Injection Vulnerability
OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.2.3 had a SQL injection vulnerability. This vulnerability stemmed from the use of the = operator, which directly embedded user input into the SQL WHERE clause, potentially allowing SQL injecti...
CVE-2025-61766 Bucket vulnerable to infinite recursion when querying a bucket using the != operator
Bucket is a MediaWiki extension to store and retrieve structured data on articles. Prior to version 1.0.0, infinite recursion can occur if a user queries a bucket using the != comparator. This will result in PHP's call stack limit exceeding, and/or increased memory consumption, potentially leadin...
CVE-2012-2967
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (aka equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors...
SUSE CVE-2017-9115
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code...
GHSA-2QR7-8FP8-4XXR Caucho Quercus, as distributed in Resin, does not properly implement the `==` operator for comparisons
Caucho Quercus, as distributed in Resin before 4.0.29, does not properly implement the == (aka equals sign equals sign) operator for comparisons, which has unspecified impact and context-dependent attack vectors...
The vulnerability of the zend_string_extend function in the PHP interpreter allows an attacker to cause a service failure or exert other effects.
The vulnerability of the zend_string_extend function in the PHP interpreter is related to insufficient control over modifications to object instances of the sequence type. Exploiting this vulnerability could allow a malicious actor to cause service failures or other adverse effects e.g., terminatio...
UBUNTU-CVE-2017-9115
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code...
DEBIAN-CVE-2017-9115
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code...