Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-6879-1
HistoryJul 04, 2024 - 12:00 a.m.

Virtuoso Open-Source Edition vulnerabilities

2024-07-0400:00:00
ubuntu.com
7
virtuoso open-source edition
sql handling
ubuntu 24.04 lts
ubuntu 22.04 lts
denial of service
cve-2023-31620
cve-2023-31622
cve-2023-31624
cve-2023-31626
cve-2023-31627
cve-2023-31629
cve-2023-31630
cve-2023-31631
cve-2023-48951
cve-2023-48945
cve-2023-48946
cve-2023-48947
cve-2023-48950

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

Low

JSON

Releases

  • Ubuntu 24.04 LTS
  • Ubuntu 22.04 LTS
  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 ESM
  • Ubuntu 16.04 ESM

Packages

  • virtuoso-opensource - high-performance database

Details

Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly
handled certain crafted SQL statements. An attacker could possibly use
this issue to crash the program, resulting in a denial of service.
(CVE-2023-31620, CVE-2023-31622, CVE-2023-31624, CVE-2023-31626,
CVE-2023-31627, CVE-2023-31629, CVE-2023-31630, CVE-2023-31631,
CVE-2023-48951)

Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly
handled certain crafted SQL statements. An attacker could possibly use
this issue to crash the program, resulting in a denial of service.
This issue only affects Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
(CVE-2023-48945, CVE-2023-48946, CVE-2023-48947, CVE-2023-48950)

OSVersionArchitecturePackageVersionFilename
Ubuntu24.04noarchvirtuoso-opensource< 7.2.5.1+dfsg1-0.8ubuntu0.1~esm2UNKNOWN
Ubuntu24.04noarchlibvirtodbc0< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchlibvirtodbc0-dbgsym< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchlibvirtuoso5.5-cil< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchvirtuoso-minimal< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchvirtuoso-opensource< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchvirtuoso-opensource-7< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchvirtuoso-opensource-7-bin< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchvirtuoso-opensource-7-common< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Ubuntu24.04noarchvirtuoso-opensource-7-dbgsym< 7.2.5.1+dfsg1-0.8build1UNKNOWN
Rows per page:
1-10 of 1111

Related

nessus 4
openvas 1
osv 9
redos 1
amazon 2
ubuntucve 13
prion 13
redhatcve 13
cvelist 13
cve 13
debiancve 13
nvd 13
veracode 5
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Virtuoso Open-Source Edition vulnerabilities (USN-6879-1)
2024-07-05 00:00:00
RHEL 7 : virtuoso-opensource (Unpatched Vulnerability)
2024-05-11 00:00:00
Amazon Linux 2 : virtuoso-opensource (ALAS-2023-2360)
2023-12-04 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6879-1)
2024-07-08 00:00:00
osv
osv
virtuoso-opensource vulnerabilities
2024-07-04 20:25:40
CVE-2023-31620
2023-05-15 15:15:12
CVE-2023-31627
2023-05-15 15:15:12
redos
redos
ROS-20240402-15
2024-04-02 00:00:00
amazon
amazon
Medium: virtuoso-opensource
2023-11-29 22:19:00
Important: virtuoso-opensource
2024-01-03 21:04:00
ubuntucve
ubuntucve
CVE-2023-31620
2023-05-15 00:00:00
CVE-2023-48947
2023-11-29 00:00:00
CVE-2023-48946
2023-11-29 00:00:00
prion
prion
Design/Logic Flaw
2023-11-29 20:15:00
Design/Logic Flaw
2023-11-29 20:15:00
Information disclosure
2023-11-29 20:15:00
redhatcve
redhatcve
CVE-2023-48950
2023-12-06 08:29:40
CVE-2023-48946
2023-12-06 09:47:42
CVE-2023-48947
2023-12-06 09:47:51
cvelist
cvelist
CVE-2023-48947
2023-11-29 00:00:00
CVE-2023-48945
2023-11-29 00:00:00
CVE-2023-48946
2023-11-29 00:00:00
cve
cve
CVE-2023-48950
2023-11-29 20:15:08
CVE-2023-48946
2023-11-29 20:15:07
CVE-2023-48947
2023-11-29 20:15:07
debiancve
debiancve
CVE-2023-48945
2023-11-29 20:15:07
CVE-2023-48946
2023-11-29 20:15:07
CVE-2023-48950
2023-11-29 20:15:08
nvd
nvd
CVE-2023-48947
2023-11-29 20:15:07
CVE-2023-48951
2023-11-29 20:15:08
CVE-2023-48946
2023-11-29 20:15:07
veracode
veracode
SQL Injection
2024-05-13 12:41:19
SQL Injection
2024-05-13 12:41:37
SQL Injection
2024-05-13 12:40:56

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.6

Confidence

Low

JSON
Related for USN-6879-1
nessus4openvas1osv9redos1amazon2ubuntucve13prion13redhatcve13cvelist13cve13debiancve13nvd13veracode5