{"id":"CVE-2022-3023","summary":"Use of Externally-Controlled Format String in pingcap/tidb","details":"Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3.","aliases":["GHSA-7fxj-fr3v-r9gj"],"modified":"2026-04-10T04:47:57.510947Z","published":"2022-11-04T00:00:00Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3023.json","cna_assigner":"@huntrdev","cwe_ids":["CWE-134"]},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/120f1346-e958-49d0-b66c-0f889a469540"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3023.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3023"},{"type":"FIX","url":"https://github.com/pingcap/tidb/commit/d0376379d615cc8f263a0b17c031ce403c8dcbfb"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/pingcap/tidb","events":[{"introduced":"0"},{"fixed":"cf36a9ce2fe1039db3cf3444d51930b887df18a1"},{"introduced":"1a89decdb192cbdce6a7b0020d71128bc964d30f"},{"fixed":"6b02a5d8ba7dda28170ae2114b62e1e3b50dd974"},{"fixed":"d0376379d615cc8f263a0b17c031ce403c8dcbfb"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"6.4.0"},{"introduced":"6.1.0"},{"fixed":"6.1.3"}]}}],"versions":["Beta20160630","Beta20160730","Pre-GA","beta4","rc1","rc2","rc2-preview","rc3","rc4","v1.0.0","v1.1.0-alpha","v1.1.0-alpha.1","v1.1.0-beta","v2.0.0-rc.1","v2.0.0-rc.3","v2.0.0-rc.4","v2.1.0-alpha","v2.1.0-beta","v2.1.0-rc.1","v2.1.0-rc.2","v2.1.0-rc.3","v3.0.0-beta","v3.0.0-beta.1","v3.0.0-rc.1","v4.0.0-alpha","v4.0.0-beta","v4.0.0-beta.2","v5.1.0-alpha","v5.2.0-alpha","v5.3.0-alpha","v5.4.0-alpha","v5.5.0-alpha","v6.0.0-alpha","v6.1.0","v6.1.0-alpha","v6.1.1","v6.1.1-20230221","v6.1.2","v6.2.0-alpha","v6.3.0-alpha","v6.4.0-alpha"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3023.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N"}]}