Lucene search
K

4 matches found

OSV
OSV
added 2024/08/05 9:50 p.m.32 views

GHSA-3JMM-F6JJ-RCC3 rudder-server is vulnerable to SQL injection

rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...

9.3CVSS9.1AI score0.85825EPSS
Exploits4References11
Github Security Blog
Github Security Blog
added 2024/08/05 9:50 p.m.30 views

rudder-server is vulnerable to SQL injection

rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...

8.8CVSS8.1AI score0.85825EPSS
Exploits4References11Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2023/12/04 12:0 a.m.4 views

VulnCheck KEV: CVE-2023-30625

rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default...

8.8CVSS7.5AI score0.85825EPSS
Exploits4References1
Positive Technologies
Positive Technologies
added 2023/06/16 12:0 a.m.3 views

PT-2023-22822 · Unknown · Postgresql +1

Name of the Vulnerable Software and Affected Versions: rudder-server versions prior to 1.3.0-rc.1 Description: The issue is related to SQL injection, which may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Recommendations: For...

9.3CVSS10AI score0.85825EPSS
Exploits4References17
Rows per page
Query Builder