GaussDB 200 with version of 6.5.1 have a command injection vulnerability. The software constructs part of a command using external input from users, but the software does not sufficiently validate the user input. Successful exploit could allow the attacker to inject certain commands.
[
{
"product": "GaussDB 200",
"vendor": "Huawei",
"versions": [
{
"status": "affected",
"version": "6.5.1"
}
]
}
]