{"id":"UBUNTU-CVE-2013-2018","details":"Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.","modified":"2025-07-16T07:17:06.181259Z","published":"2020-02-20T00:15:00Z","withdrawn":"2025-07-18T16:42:51Z","upstream":["CVE-2013-2018"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2013-2018"},{"type":"REPORT","url":"http://www.openwall.com/lists/oss-security/2013/04/29/11"},{"type":"REPORT","url":"http://thread.gmane.org/gmane.comp.distributed.boinc.user/3658"},{"type":"REPORT","url":"http://thread.gmane.org/gmane.comp.distributed.boinc.user/3776"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2013-2018"}],"affected":[{"package":{"name":"boinc","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/boinc@7.2.42+dfsg-1?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.2.42+dfsg-1"}]}],"versions":["7.2.7+dfsg-1","7.2.22+dfsg-1","7.2.28+dfsg-1","7.2.33+dfsg-1"],"ecosystem_specific":{"binaries":[{"binary_version":"7.2.42+dfsg-1","binary_name":"boinc"},{"binary_version":"7.2.42+dfsg-1","binary_name":"boinc-amd-opencl"},{"binary_version":"7.2.42+dfsg-1","binary_name":"boinc-client"},{"binary_version":"7.2.42+dfsg-1","binary_name":"boinc-dbg"},{"binary_version":"7.2.42+dfsg-1","binary_name":"boinc-dev"},{"binary_version":"7.2.42+dfsg-1","binary_name":"boinc-manager"},{"binary_version":"7.2.42+dfsg-1","binary_name":"boinc-nvidia-cuda"},{"binary_version":"7.2.42+dfsg-1","binary_name":"libboinc-app-dev"},{"binary_version":"7.2.42+dfsg-1","binary_name":"libboinc-app7"},{"binary_version":"7.2.42+dfsg-1","binary_name":"libboinc7"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2013/UBUNTU-CVE-2013-2018.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}