CVE-2013-2745SQL Injection in Project Minidlna

CWE-89SQL Injection4 documents4 sources
Severity
9.8CRITICALNVD
EPSS
0.4%
top 40.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Minidlna Project MinidlnaDebian MinidlnaDebian Linux
Timeline
PublishedDec 4
Latest updateMay 5

Description

An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.0

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

debiandebian/minidlna< minidlna 1.1.2+dfsg-1 (bookworm)
Debianminidlna_project/minidlna< 1.1.2+dfsg-1+3

Also affects: Debian Linux 10.0, 8.0, 9.0

🔴Vulnerability Details

2
GHSA
GHSA-j44m-gq2g-v635: An SQL Injection vulnerability exists in MiniDLNA prior to 12022-05-05
OSV
CVE-2013-2745: An SQL Injection vulnerability exists in MiniDLNA prior to 12019-12-04

📋Vendor Advisories

1
Debian
CVE-2013-2745: minidlna - An SQL Injection vulnerability exists in MiniDLNA prior to 1.1.02013