CVE-2009-3165 in Ubuntu

CVE-2009-3165

Priority

Description

SQL injection vulnerability in the Bug.create WebService function in
Bugzilla 2.23.4 through 3.0.8, 3.1.1 through 3.2.4, and 3.3.1 through 3.4.1
allows remote attackers to execute arbitrary SQL commands via unspecified
parameters.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3165

Notes

Package

Source: bugzilla (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 22.04 LTS (Jammy Jellyfish):	not-affected (3.2.5.0-1)

Patches:

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-02-10 23:38:36 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)