4 matches found
GHSA-3JMM-F6JJ-RCC3 rudder-server is vulnerable to SQL injection
rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...
rudder-server is vulnerable to SQL injection
rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Version...
VulnCheck KEV: CVE-2023-30625
rudder-server is part of RudderStack, an open source Customer Data Platform CDP. Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default...
PT-2023-22822 · Unknown · Postgresql +1
Name of the Vulnerable Software and Affected Versions: rudder-server versions prior to 1.3.0-rc.1 Description: The issue is related to SQL injection, which may lead to Remote Code Execution RCE due to the rudder role in PostgresSQL having superuser permissions by default. Recommendations: For...