CVE-2024-39909 | openclarity kubeclarity up to 2.23.0 Query String id_view.go sql injection

Inserito da Angelo Barbosa | Lug 12, 2024 | CVE

A vulnerability was found in openclarity kubeclarity up to 2.23.0. It has been classified as critical. This affects an unknown part of the file backend/pkg/database/id_view.go of the component Query String Handler. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2024-39909. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-39909 | openclarity kubeclarity up to 2.23.0 Query String id_view.go sql injection

Post correlati

CVE-2024-35968 | Linux Kernel up to 6.8.6 pds_core pci_reset_function deadlock (38407914d482/81665adf25d2)

CVE-2024-9976 | code-projects Pharmacy Management System 1.0 manage_customer.php?action=search text sql injection

CVE-2024-6027 | Themify Plugin up to 1.4.9 on WordPress conditions sql injection

CVE-2024-49904 | Linux Kernel up to 6.10.13/6.11.2 AMD list_for_each_entry_safe null pointer dereference (5ec731ef47f1/8e87763946f7/4416377ae1fd)