Risk Scores
CVSS v3.0
7.300000190734863
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.10%
27.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| liquibase | liquibase | 0 |
| liquibase | liquibase/liquibase | unspecified |
| oracle | sqlcl | 19c |
| Maven | org.liquibase:liquibase-core | 0 |
Timeline
- Mar 4, 2022 CVE Published
- Mar 5, 2022 EPSS Score
- Apr 25, 2022 EPSS Score
- Jun 15, 2022 EPSS Score
- Aug 6, 2022 EPSS Score
- Sep 26, 2022 EPSS Score
- Jan 6, 2023 EPSS Score
- Feb 26, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 18, 2023 EPSS Score
- Jun 8, 2023 EPSS Score
- Jul 29, 2023 EPSS Score
References
- https://huntr.dev/bounties/f1ae5779-b406-4594-a8a3-d089c68d6e70 url
- https://github.com/liquibase/liquibase/commit/33d9d925082097fb1a3d2fc8e44423d964cd9381 url
- https://www.oracle.com/security-alerts/cpujul2022.html url
- http://seclists.org/fulldisclosure/2025/Apr/14 url
- https://www.oracle.com/security-alerts/cpujul2022.html#AppendixDB advisory
- https://www.oracle.com/security-alerts/cpujul2022verbose.html#DB advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-0839 advisory
- https://github.com/liquibase/liquibase package