A vulnerability classified as critical has been found in arekk uke. This affects an unknown part of the file lib/uke/finder.rb. The manipulation leads to sql injection. The name of the patch is 52fd3b2d0bc16227ef57b7b98a3658bb67c1833f. It is recommended to apply a patch to fix this issue. The identifier VDB-217485 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/arekk/uke/commit/52fd3b2d0bc16227ef57b7b98a3658bb67c1833f | Patch Third Party Advisory |
https://vuldb.com/?ctiid.217485 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.217485 | Permissions Required Third Party Advisory |
Configurations
Information
Published : 2023-01-05 06:15
Updated : 2023-01-11 11:37
NVD link : CVE-2015-10014
Mitre link : CVE-2015-10014
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
uke_project
- uke