CVE-2021-37625 (GCVE-0-2021-37625)
Vulnerability from cvelistv5 – Published: 2021-08-05 17:15 – Updated: 2024-08-04 01:23
VLAI?
Summary
Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm.
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T01:23:01.226Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.skytable.io/ve/s/00002.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "skytable",
"vendor": "skytable",
"versions": [
{
"status": "affected",
"version": "\u003c 0.6.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-252",
"description": "CWE-252: Unchecked Return Value",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-253",
"description": "CWE-253: Incorrect Check of Function Return Value",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-08-05T17:15:09",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.skytable.io/ve/s/00002.html"
}
],
"source": {
"advisory": "GHSA-q27r-h25m-hcc7",
"discovery": "UNKNOWN"
},
"title": "Incorrect Check of Function Return Value in Skytable",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2021-37625",
"STATE": "PUBLIC",
"TITLE": "Incorrect Check of Function Return Value in Skytable"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "skytable",
"version": {
"version_data": [
{
"version_value": "\u003c 0.6.4"
}
]
}
}
]
},
"vendor_name": "skytable"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-252: Unchecked Return Value"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-253: Incorrect Check of Function Return Value"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7",
"refsource": "CONFIRM",
"url": "https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7"
},
{
"name": "https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d",
"refsource": "MISC",
"url": "https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d"
},
{
"name": "https://security.skytable.io/ve/s/00002.html",
"refsource": "MISC",
"url": "https://security.skytable.io/ve/s/00002.html"
}
]
},
"source": {
"advisory": "GHSA-q27r-h25m-hcc7",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2021-37625",
"datePublished": "2021-08-05T17:15:09",
"dateReserved": "2021-07-29T00:00:00",
"dateUpdated": "2024-08-04T01:23:01.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0B7A0023-9DCA-437D-BCF7-6E1EA2899E27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"790FC927-0EBF-4AE6-A4B4-90310C149DE3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"129E6A3A-81EB-4584-AE12-1B9A74699747\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D48FA2A6-1FDF-4677-8ABF-DF3BE6935284\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"001BF079-4783-4197-8D43-367535FAD983\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BFB2633-7F65-45AA-AC30-461CA771A770\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"19C54D4B-2164-483C-A9C5-9F60F6B2D512\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.4.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4431E8E5-BFA8-4DD1-81D1-9A092EE362D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4335E944-F8E7-4C35-9BE9-4007D10B9A35\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.4.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5EDF3B93-D0FA-451D-8DD4-18F7A417A8E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.4.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C23C9BA7-AC91-4EA8-BAAC-03A545C4E499\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C64C814B-E134-40F4-B2BC-AB7A8D7A04AC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95DF9168-46E2-4A19-A9A2-7A6334FA9C4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"280D42AA-9441-437D-BAC6-73DCA0A7C0DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2284DFFE-9C99-4877-886A-E79D7DBD8E8A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E2B7E5F-9305-4FFE-8C15-7D9BC9C514C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE19B368-C086-4575-99E2-F9BEBE7DB161\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:skytable:skytable:0.6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CAEFFEC6-4B0A-49FC-BFEF-434E4384763D\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm.\"}, {\"lang\": \"es\", \"value\": \"Skytable es una base de datos NoSQL de c\\u00f3digo abierto. En versiones anteriores a 0.6.4, una comprobaci\\u00f3n incorrecta del valor de retorno de la funci\\u00f3n accept en el bucle de ejecuci\\u00f3n para un socket TCP/socket TLS/multisocket TCP+TLS causa una salida anticipada del bucle de ejecuci\\u00f3n que deber\\u00eda continuar infinitamente a menos que sea terminado por un usuario local, causando efectivamente el cierre de todo el servidor de base de datos. Esto presenta un impacto severo y puede ser usado para causar f\\u00e1cilmente ataques DoS sin necesidad de usar mucho ancho de banda. Los vectores de ataque incluyen el uso de una conexi\\u00f3n TLS incompleta, por ejemplo, no proporcionando el certificado para la conexi\\u00f3n, y usando de un paquete TCP especialmente dise\\u00f1ado que desencadena el algoritmo de backoff de la capa de aplicaci\\u00f3n\"}]",
"id": "CVE-2021-37625",
"lastModified": "2024-11-21T06:15:32.933",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2021-08-05T18:15:07.443",
"references": "[{\"url\": \"https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.skytable.io/ve/s/00002.html\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.skytable.io/ve/s/00002.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-252\"}, {\"lang\": \"en\", \"value\": \"CWE-253\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-252\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2021-37625\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2021-08-05T18:15:07.443\",\"lastModified\":\"2024-11-21T06:15:32.933\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm.\"},{\"lang\":\"es\",\"value\":\"Skytable es una base de datos NoSQL de c\u00f3digo abierto. En versiones anteriores a 0.6.4, una comprobaci\u00f3n incorrecta del valor de retorno de la funci\u00f3n accept en el bucle de ejecuci\u00f3n para un socket TCP/socket TLS/multisocket TCP+TLS causa una salida anticipada del bucle de ejecuci\u00f3n que deber\u00eda continuar infinitamente a menos que sea terminado por un usuario local, causando efectivamente el cierre de todo el servidor de base de datos. Esto presenta un impacto severo y puede ser usado para causar f\u00e1cilmente ataques DoS sin necesidad de usar mucho ancho de banda. Los vectores de ataque incluyen el uso de una conexi\u00f3n TLS incompleta, por ejemplo, no proporcionando el certificado para la conexi\u00f3n, y usando de un paquete TCP especialmente dise\u00f1ado que desencadena el algoritmo de backoff de la capa de aplicaci\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-252\"},{\"lang\":\"en\",\"value\":\"CWE-253\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-252\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B7A0023-9DCA-437D-BCF7-6E1EA2899E27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"790FC927-0EBF-4AE6-A4B4-90310C149DE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"129E6A3A-81EB-4584-AE12-1B9A74699747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D48FA2A6-1FDF-4677-8ABF-DF3BE6935284\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"001BF079-4783-4197-8D43-367535FAD983\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BFB2633-7F65-45AA-AC30-461CA771A770\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"19C54D4B-2164-483C-A9C5-9F60F6B2D512\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4431E8E5-BFA8-4DD1-81D1-9A092EE362D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4335E944-F8E7-4C35-9BE9-4007D10B9A35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5EDF3B93-D0FA-451D-8DD4-18F7A417A8E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.4.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C23C9BA7-AC91-4EA8-BAAC-03A545C4E499\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C64C814B-E134-40F4-B2BC-AB7A8D7A04AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95DF9168-46E2-4A19-A9A2-7A6334FA9C4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"280D42AA-9441-437D-BAC6-73DCA0A7C0DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2284DFFE-9C99-4877-886A-E79D7DBD8E8A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E2B7E5F-9305-4FFE-8C15-7D9BC9C514C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE19B368-C086-4575-99E2-F9BEBE7DB161\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:skytable:skytable:0.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAEFFEC6-4B0A-49FC-BFEF-434E4384763D\"}]}]}],\"references\":[{\"url\":\"https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.skytable.io/ve/s/00002.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/skytable/skytable/commit/bb19d024ea1e5e0c9a3d75a9ee58ff03c70c7e5d\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/skytable/skytable/security/advisories/GHSA-q27r-h25m-hcc7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.skytable.io/ve/s/00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…