Your submission was sent successfully! Close

CVE-2008-2381

Published: 2 January 2009

SQL injection vulnerability in the create function in common/include/GroupJoinRequest.class in GForge 4.5 and 4.6 allows remote attackers to execute arbitrary SQL commands via the comments variable.

Priority

Medium

Status

Package Release Status
gforge
Launchpad, Ubuntu, Debian
dapper Ignored
(reached end-of-life)
gutsy Needed
(reached end-of-life)
hardy Ignored
(reached end-of-life)
intrepid Needed
(reached end-of-life)
jaunty Not vulnerable
(4.7~rc2-7lenny3build0.9.04.1)
karmic Not vulnerable
(4.7.3-2)
lucid Not vulnerable
(4.8.2-1)
maverick Not vulnerable
(4.8.2-1)
natty Does not exist

oneiric Does not exist

precise Does not exist

upstream
Released (4.7~rc2-7)