Lucene search
GoogleOSV:GHSA-4FQX-74RV-638WHistoryFeb 15, 2022 - 1:57 a.m.
Pivotal Concourse SQL Injection Vulnerability
2022-02-1501:57:18
Google
osv.dev
7
pivotal concourse
sql injection
vulnerability
version 5.0.0
api
concourse resource
sql injection payload
privileged data
attacker
EPSS
0.001
Percentile
47.2%
Pivotal Concourse version 5.0.0, contains an API that is vulnerable to SQL injection. An Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data.
Related
veracode
veracode
SQL Injection
2019-03-28 02:41:41
cve
cve
CVE-2019-3792
2019-04-01 21:30:43
cvelist
cvelist
CVE-2019-3792 Concourse 5.0.0 SQL Injection vulnerability
2019-04-01 20:54:47
nvd
nvd
CVE-2019-3792
2019-04-01 21:30:43
osv
osv
CVE-2019-3792
2019-04-01 21:30:43
prion
prion
Sql injection
2019-04-01 21:30:00
github
github
Pivotal Concourse SQL Injection Vulnerability
2022-02-15 01:57:18