3 matches found
EUVD-2023-32153
Malicious code in bioql PyPI...
CVE-2022-30331
The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...
Code injection
DISPUTED The User-Defined Functions UDF feature in TigerGraph 3.6.0 allows installation of a query in the GSQL query language without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."...