---

CVE-2022-34265 - log back

CVE-2022-34265 edited at 10 Aug 2022 18:36:19
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Sql injection

CVE-2022-34265 edited at 10 Aug 2022 18:35:37
Description	+ Trunc() and Extract() database functions were subject to SQL injection if untrusted data was used as a kind/lookup_name value
References
Notes	+ Applications that constrain the lookup name and kind choice to a known safe list are unaffected

CVE-2022-34265 created at 28 Jul 2022 20:16:07