VDB

GCVE-VVD-MAGEIA-2022-111

GCVE-VVD-MAGEIA-2022-111
Advisory Published
Vulnetix · Advisory published August 14, 2022
In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement. (CVE-2022-24407)
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiajava-11-openjdk0 (affected), 11.0.15.0.10-1.2.mga8 (unaffected)
Mageiacyrus-sasl0 (affected), 2.1.27-3.1.mga8 (unaffected), 0 (affected), 2.1.27-3.1.mga8 (unaffected)

References

Updated cyrus-sasl packages fix security vulnerability
advisory
Updated cyrus-sasl packages fix security vulnerability
issue
Updated cyrus-sasl packages fix security vulnerability
issue
Updated cyrus-sasl packages fix security vulnerability
advisory
Updated java-11-openjdk packages fix netinstall
advisory
Updated java-11-openjdk packages fix netinstall
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›