CVE-2022-1531

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2022-1531
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-1531.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-1531
Published
2022-04-29T09:10:10Z
Modified
2025-11-14T12:46:44.403316Z
Severity
  • 10.0 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS Calculator
Summary
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in rtxteam/rtx
Details

SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.

Database specific 
{
    "cwe_ids": [
        "CWE-89"
    ]
}
References

Affected packages

Git / github.com/rtxteam/rtx

Affected ranges

Type
GIT
Repo
https://github.com/rtxteam/rtx
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
75f70762004ae870bb75ff6eb2d1700aa15c7e79

Affected versions

0.*

0.1

Other

Dec2021Demo
Dec2021Demo-20211116
Dec2021Demo-20211210
checkpoint_2021-05-24
checkpoint_2021-12-15
checkpoint_2022-01-26
checkpoint_2022-02-07
checkpoint_2022-03-30
production_2020-05-06
production_2020-05-08
production_2020-05-12
production_2020-06-10
production_2020-06-19
production_2020-07-21
production_2020-08-27
production_2020-11-20
production_2020-11-30
production_2020-12-02
production_2021-01-25
production_2021-02-01
production_2021-02-02
production_2021-02-08
production_2021-02-16
production_2021-03-01
production_2021-03-08
production_2021-03-16
production_2021-03-22
production_2021-03-30
production_2021-03-31
production_2021-04-08
production_2021-04-12
production_2021-04-19
production_2021-05-05
production_2021-05-10
production_2021-05-21

KG2.*

KG2.3.5
KG2.4.0
KG2.5.0
KG2.5.2
KG2.6.0

trapi1.*

trapi1.0_final
trapi1.1final