CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31607 – Ubuntu Security Notice USN-6832-1
https://notcve.org/view.php?id=CVE-2023-31607
15 May 2023 — An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly handled certain crafted SQL statements. An attacker could possibly use this i... • https://github.com/openlink/virtuoso-opensource/issues/1120 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31618
https://notcve.org/view.php?id=CVE-2023-31618
15 May 2023 — An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. • https://github.com/openlink/virtuoso-opensource/issues/1136 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-31625
https://notcve.org/view.php?id=CVE-2023-31625
15 May 2023 — An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. • https://github.com/openlink/virtuoso-opensource/issues/1132 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •