CVE-2022-3751: owncast is vulnerable to SQL Injection

November 29, 2022 (updated April 25, 2025)

SQL Injection in GitHub repository owncast/owncast prior to 0.0.13.

References

github.com/advisories/GHSA-cvh4-cjc9-84qm
github.com/owncast/owncast
github.com/owncast/owncast/commit/23b6e5868d5501726c27a3fabbecf49000968591
github.com/owncast/owncast/pull/2257
huntr.com/bounties/a04cff99-5d53-45e5-a882-771b0fad62c9
nvd.nist.gov/vuln/detail/CVE-2022-3751
pkg.go.dev/vuln/GO-2022-1138

Code Behaviors & Features

Detect and mitigate CVE-2022-3751 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →