CVE-2022-45135: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

November 30, 2023 (updated December 5, 2023)

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Apache Cocoon.This issue affects Apache Cocoon: from 2.2.0 before 2.3.0.

Users are recommended to upgrade to version 2.3.0, which fixes the issue.

References

www.openwall.com/lists/oss-security/2023/11/30/3
lists.apache.org/thread/lsvd1hmr2t2q823x21d5ygzgbj9jpvjp
nvd.nist.gov/vuln/detail/CVE-2022-45135

Detect and mitigate CVE-2022-45135 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →