Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Tigergraph Subscribe
Filtered by product Tigergraph
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-30331 1 Tigergraph 1 Tigergraph 2023-01-20 N/A 8.8 HIGH
** DISPUTED ** The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation of a query (in the GSQL query language) without proper validation. Consequently, an attacker can execute arbitrary C++ code. NOTE: the vendor's position is "GSQL was behaving as expected."