{"id":"CVE-2022-1531","summary":"SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in rtxteam/rtx","details":"SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.","modified":"2026-04-10T04:43:08.831843Z","published":"2022-04-29T09:10:10Z","database_specific":{"cwe_ids":["CWE-89"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1531.json","cna_assigner":"@huntrdev"},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/fc4eb544-ef1e-412d-9fdb-0ceb04e038fe"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/1xxx/CVE-2022-1531.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1531"},{"type":"FIX","url":"https://github.com/rtxteam/rtx/commit/fa2797e656e3dba18f990a2db1f0f029d41f1921"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rtxteam/rtx","events":[{"introduced":"0"},{"fixed":"75f70762004ae870bb75ff6eb2d1700aa15c7e79"}]}],"versions":["0.1","KG2.5.2","KG2.6.0","checkpoint_2022-01-26","checkpoint_2022-02-07","checkpoint_2022-03-30","production_2020-05-08","production_2020-05-12","production_2020-07-21","production_2021-05-05","production_2021-05-21"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-1531.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"}]}