CVE-2020-1937
published 2020-02-24CVE-2020-1937: Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries.
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | apache_kylin | — | — |
| apache | apache_kylin | — | — |
| apache | apache_kylin | — | — |
| apache | apache_kylin | — | — |
| apache | apache_kylin | — | — |
| apache | apache_kylin | — | — |
| apache | apache_kylin | — | — |
| apache | apache_kylin | — | — |
| apache | kylin | — | — |
| apache | kylin | 2.3.0 – 2.3.2 | — |
| apache | kylin | 2.4.0 – 2.4.1 | — |
| apache | kylin | 2.5.0 – 2.5.2 | — |
| apache | kylin | 2.6.0 – 2.6.4 | — |