{"id":"CVE-2022-4399","summary":"TicklishHoneyBee nodau db.c sql injection","details":"A vulnerability was found in TicklishHoneyBee nodau. It has been rated as critical. Affected by this issue is some unknown functionality of the file src/db.c. The manipulation of the argument value/name leads to sql injection. The name of the patch is 7a7d737a3929f335b9717ddbd31db91151b69ad2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215252.","modified":"2026-05-19T00:39:08.119358Z","published":"2022-12-10T00:00:00Z","database_specific":{"cna_assigner":"VulDB","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/4xxx/CVE-2022-4399.json","cwe_ids":["CWE-707"]},"references":[{"type":"WEB","url":"https://vuldb.com/?id.215252"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/4xxx/CVE-2022-4399.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4399"},{"type":"FIX","url":"https://github.com/TicklishHoneyBee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2"},{"type":"FIX","url":"https://github.com/TicklishHoneyBee/nodau/pull/26"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ticklishhoneybee/nodau","events":[{"introduced":"0"},{"fixed":"7a7d737a3929f335b9717ddbd31db91151b69ad2"}],"database_specific":{"source":"REFERENCES"}}],"versions":["v0.3.8","v0.3.7","v0.3.6","v0.3.5","v0.3.4","v0.3.3","v0.3.2","v0.3.1","v0.3.0"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["303983630242556410311672699158956633467","71499854133615171770895906052409212869","92604545006411061145820306845868935123","270420472280771672584607465768667532754"]},"target":{"file":"src/edit.c"},"signature_type":"Line","deprecated":false,"source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","id":"CVE-2022-4399-085752ac"},{"signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["220077255670172517469659362740396878108","32152425791934044834379851842228186781","238015134087219505584587765945293165424","8265645216601249147815872756681571887","101174584379961206002306045164503461894","334372379568649365900827020725360290582","155161866965538311290721953814571064468","286144686912161310496978550447016805394","55695778189050286310257037177799672681","131298456139013868821065262633935501996","167151049315703213690770821808353661190","336189486306234553157239543324679914406","324658004757048485276837914621620078059"]},"target":{"file":"src/db.c"},"signature_type":"Line","deprecated":false,"source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","id":"CVE-2022-4399-6db549e5"},{"signature_version":"v1","digest":{"length":540,"function_hash":"262014694912892732859119665972027525242"},"target":{"file":"src/db.c","function":"db_update"},"signature_type":"Function","deprecated":false,"source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","id":"CVE-2022-4399-d65800d4"},{"signature_version":"v1","digest":{"length":1254,"function_hash":"167158113131622619940783978181612783006"},"target":{"file":"src/edit.c","function":"edit_ext"},"signature_type":"Function","deprecated":false,"source":"https://github.com/ticklishhoneybee/nodau/commit/7a7d737a3929f335b9717ddbd31db91151b69ad2","id":"CVE-2022-4399-fd048ae2"}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-4399.json","vanir_signatures_modified":"2026-05-19T00:39:08Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]}