How severe is CVE-2022-43441?

CVE-2022-43441 has a CVSS v3 score of 8.1 (HIGH).

CVE-2022-43441

Name: sqlite3
Author: ghost

8.1HIGH

A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attac

게시됨: 3/16/2023업데이트됨: 11/21/2024

설명

A code execution vulnerability exists in the Statement Bindings functionality of Ghost Foundation node-sqlite3 5.1.1. A specially-crafted Javascript file can lead to arbitrary code execution. An attacker can provide malicious input to trigger this vulnerability.

AI 분석AI 기반

영향받는 제품

ghostsqlite3

참조

https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74
Vendor Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1645
ExploitThird Party Advisory
https://github.com/TryGhost/node-sqlite3/security/advisories/GHSA-jqv5-7xpx-qj74
Vendor Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1645
ExploitThird Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1645