{"id":"CVE-2022-4399","details":"A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/db.c. The manipulation of the argument value/name leads to sql injection. The name of the patch is 7a7d737a3929f335b9717ddbd31db91151b69ad2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215252.","modified":"2026-04-12T03:22:21.570953Z","published":"2022-12-10T22:15:17.697Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?id.215252"},{"type":"FIX","url":"https://github.com/TicklishHoneyBee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2"},{"type":"FIX","url":"https://github.com/TicklishHoneyBee/nodau/pull/26"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ticklishhoneybee/nodau","events":[{"introduced":"0"},{"fixed":"7a7d737a3929f335b9717ddbd31db91151b69ad2"}]},{"type":"GIT","repo":"https://github.com/ticklishhoneybee/nodau","events":[{"introduced":"0"},{"fixed":"7a7d737a3929f335b9717ddbd31db91151b69ad2"}]}],"versions":["v0.3.0","v0.3.1","v0.3.2","v0.3.3","v0.3.4","v0.3.5","v0.3.6","v0.3.7","v0.3.8"],"database_specific":{"vanir_signatures_modified":"2026-04-12T03:22:21Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"0.3.9"}]}],"vanir_signatures":[{"deprecated":false,"signature_type":"Line","id":"CVE-2022-4399-085752ac","target":{"file":"src/edit.c"},"signature_version":"v1","source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","digest":{"threshold":0.9,"line_hashes":["303983630242556410311672699158956633467","71499854133615171770895906052409212869","92604545006411061145820306845868935123","270420472280771672584607465768667532754"]}},{"deprecated":false,"signature_type":"Line","id":"CVE-2022-4399-6db549e5","target":{"file":"src/db.c"},"signature_version":"v1","source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","digest":{"threshold":0.9,"line_hashes":["220077255670172517469659362740396878108","32152425791934044834379851842228186781","238015134087219505584587765945293165424","8265645216601249147815872756681571887","101174584379961206002306045164503461894","334372379568649365900827020725360290582","155161866965538311290721953814571064468","286144686912161310496978550447016805394","55695778189050286310257037177799672681","131298456139013868821065262633935501996","167151049315703213690770821808353661190","336189486306234553157239543324679914406","324658004757048485276837914621620078059"]}},{"deprecated":false,"signature_type":"Function","id":"CVE-2022-4399-d65800d4","target":{"function":"db_update","file":"src/db.c"},"signature_version":"v1","source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","digest":{"length":540,"function_hash":"262014694912892732859119665972027525242"}},{"deprecated":false,"signature_type":"Function","id":"CVE-2022-4399-fd048ae2","target":{"function":"edit_ext","file":"src/edit.c"},"signature_version":"v1","source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","digest":{"length":1254,"function_hash":"167158113131622619940783978181612783006"}}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4399.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}