3 matches found
cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands
A flaw was found in the SQL plugin shipped with Cyrus SASL. The vulnerability occurs due to failure to properly escape SQL input and leads to an improper input validation vulnerability. This flaw allows an attacker to execute arbitrary SQL commands and the ability to change the passwords for othe...
CLSA-2022-1646061301 Fix of CVE: CVE-2022-24407
CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands rhbz2055846...
CLSA-2022-1646061219 Fixed CVE-2022-24407 in cyrus-sasl
CVE-2022-24407: Fix failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands...