PYSEC-2024-72

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/ekuiper/PYSEC-2024-72.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2024-72

Aliases

Published

2024-08-20T15:15:00Z

Modified

2024-09-18T07:04:07.042699Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

LF Edge eKuiper is a lightweight IoT data analytics and stream processing engine running on resource-constraint edge devices. A user could utilize and exploit SQL Injection to allow the execution of malicious SQL query via Get method in sqlKvStore. This vulnerability is fixed in 1.14.2.

References

Affected packages

PyPI / ekuiper

Package

Name: ekuiper; View open source insights on deps.dev
Purl: pkg:pypi/ekuiper

Affected ranges

Type: GIT
Repo: https://github.com/lf-edge/ekuiper
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1a9c745649438feaac357d282959687012b65503

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.14.2

Affected versions

0.*

0.0.1.post1529761077

0.0.1.post1640190752

0.0.1.post1656951467

0.0.1.post1661454534

0.0.1.post1707338123

0.0.1.post1926549727

0.0.1.post2080668443

0.0.1.post2238139389

0.0.1.post2474892687

0.0.1.post2757722354

0.0.1.post2910672767

0.0.1.post2911616762

0.0.1.post3144438011

0.0.1.post3239329472

0.0.1.post3334144675

0.0.1.post3334852441

0.0.1.post3410331757

0.0.1.post3411321026

0.0.1.post3495668732

0.0.1.post3545948676

0.0.1.post3712037225

0.0.1.post3764011091

0.0.1.post3936265927

0.0.1.post3954842791

0.0.1.post4180521993

0.0.1.post4435707843

0.0.1.post4562358382

0.0.1.post4720014312

0.0.1.post5010322351

0.0.1.post5065833905

0.0.1.post5265725915

0.0.1.post5484225879

0.0.1.post5899657036

0.0.1.post6045113904

0.0.1.post6144238120

0.0.1.post6453363172

0.0.1.post6555916078

0.0.1.post6820182077

0.0.1.post7205401650

0.0.1.post7257106983

0.0.1.post7404344961

0.0.1.post7405252226

0.0.1.post7458781898

0.0.1.post7797037221

0.0.1.post7983964087

0.0.1.post8014428509

0.0.1.post8150341330

0.0.1.post8273699428

0.0.1.post8319707068

0.0.1.post8478752636

0.0.1.post8782256682

0.0.1.post8813247801

0.0.1.post8829897389

0.0.1.post9220188115

0.0.1.post9638601298

0.0.1.post9690215560

0.0.1.post9736400841

0.0.1.post10035392509

0.0.1.post10469657945

0.0.1.post10592133245

0.0.1.post10917063435

1.*

1.4.0

1.4.1

1.4.2

1.4.3

1.4.4

1.5.0

1.5.1

1.6.0

1.6.1

1.6.2

1.6.3

1.7.0

1.7.1

1.7.2

1.7.3

1.7.4

1.7.5

1.7.6

1.8.0

1.8.1

1.8.2

1.9.0

1.9.1

1.9.2

1.10.0

1.10.1

1.10.2

1.11.0

1.11.1

1.11.2

1.11.3

1.11.4

1.11.5

1.12.0

1.12.1

1.12.2

1.12.3

1.12.4

1.12.5

1.12.6

1.12.7

1.12.8

1.13.0

1.13.1

1.13.2

1.13.3

1.13.4

1.13.5

1.13.6

1.14.0

1.14.1