CVE-2024-22682 | DuckDB/DuckDB extension-template up to 0.9.2 injection

Posted by Angelo Barbosa | Jan 30, 2024 | CVE

A vulnerability was found in DuckDB and DuckDB extension-template up to 0.9.2. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to injection.

The identification of this vulnerability is CVE-2024-22682. Access to the local network is required for this attack to succeed. There is no exploit available.

CVE-2024-22682 | DuckDB/DuckDB extension-template up to 0.9.2 injection

Related Posts

CVE-2021-47205 | Linux Kernel up to 5.15.4 sunxi-ng ccu_reset initialization (b5dd513daa70/9bec2b9c6134)

CVE-2022-4963 | Folio Spring Module Core up to 1.1.5 Schema Name HibernateSchemaService.java dropSchema sql injection (FOLIO-3645)

CVE-2024-0921 | D-Link DIR-816 A2 1.10CNB04 Web Interface setDeviceSettings statuscheckpppoeuser os command injection

CVE-2023-40085 | Google Android 12/12L/13 ShimConverter.cpp convertSubgraphFromHAL information disclosure