CVE-2025-54379
EPSS 0.36%eKuiper API endpoints handling SQL queries with user-controlled table names. in github.com/lf-edge/ekuiper
Published: 7/24/2025Modified: 3/3/2026
Description
eKuiper API endpoints handling SQL queries with user-controlled table names. in github.com/lf-edge/ekuiper
Affected packages (4)
- Go/github.com/lf-edge/ekuiperfrom 0, <= 1.14.7
- Go/github.com/lf-edge/ekuiperfrom 0
- Go/github.com/lf-edge/ekuiper/v2from 0, < 2.2.1
- Go/github.com/lf-edge/ekuiper/v2from 0, < 2.2.1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 4.0 | — | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |