File tree Expand file tree Collapse file tree 1 file changed +156
-2
lines changed
advisories/unreviewed/2025/10/GHSA-m494-w24q-6f7w Expand file tree Collapse file tree 1 file changed +156
-2
lines changed Original file line number Diff line number Diff line change 11{
22 "schema_version" : " 1.4.0"
33 "id" : " GHSA-m494-w24q-6f7w"
4- "modified" : " 2025-10-14T18:30:35Z "
4+ "modified" : " 2025-10-14T18:30:43Z "
55 "published" : " 2025-10-14T18:30:35Z"
66 "aliases" : [
77 " CVE-2025-59250"
88 ],
9+ "summary" : " Improper input validation in JDBC Driver for SQL Server"
910 "details" : " Improper input validation in JDBC Driver for SQL Server allows an unauthorized attacker to perform spoofing over a network."
1011 "severity" : [
1112 {
1213 "type" : " CVSS_V3"
1314 "score" : " CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"
1415 }
1516 ],
16- "affected" : [],
17+ "affected" : [
18+ {
19+ "package" : {
20+ "ecosystem" : " Maven"
21+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
22+ },
23+ "ranges" : [
24+ {
25+ "type" : " ECOSYSTEM"
26+ "events" : [
27+ {
28+ "introduced" : " 10.2.0"
29+ },
30+ {
31+ "fixed" : " 10.2.4"
32+ }
33+ ]
34+ }
35+ ]
36+ },
37+ {
38+ "package" : {
39+ "ecosystem" : " Maven"
40+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
41+ },
42+ "ranges" : [
43+ {
44+ "type" : " ECOSYSTEM"
45+ "events" : [
46+ {
47+ "introduced" : " 11.2.0"
48+ },
49+ {
50+ "fixed" : " 11.2.4"
51+ }
52+ ]
53+ }
54+ ]
55+ },
56+ {
57+ "package" : {
58+ "ecosystem" : " Maven"
59+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
60+ },
61+ "ranges" : [
62+ {
63+ "type" : " ECOSYSTEM"
64+ "events" : [
65+ {
66+ "introduced" : " 12.2.0"
67+ },
68+ {
69+ "fixed" : " 12.2.1"
70+ }
71+ ]
72+ }
73+ ]
74+ },
75+ {
76+ "package" : {
77+ "ecosystem" : " Maven"
78+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
79+ },
80+ "ranges" : [
81+ {
82+ "type" : " ECOSYSTEM"
83+ "events" : [
84+ {
85+ "introduced" : " 12.4.0"
86+ },
87+ {
88+ "fixed" : " 12.4.3"
89+ }
90+ ]
91+ }
92+ ]
93+ },
94+ {
95+ "package" : {
96+ "ecosystem" : " Maven"
97+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
98+ },
99+ "ranges" : [
100+ {
101+ "type" : " ECOSYSTEM"
102+ "events" : [
103+ {
104+ "introduced" : " 12.6.0"
105+ },
106+ {
107+ "fixed" : " 12.6.5"
108+ }
109+ ]
110+ }
111+ ]
112+ },
113+ {
114+ "package" : {
115+ "ecosystem" : " Maven"
116+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
117+ },
118+ "ranges" : [
119+ {
120+ "type" : " ECOSYSTEM"
121+ "events" : [
122+ {
123+ "introduced" : " 12.8.0"
124+ },
125+ {
126+ "fixed" : " 12.8.2"
127+ }
128+ ]
129+ }
130+ ]
131+ },
132+ {
133+ "package" : {
134+ "ecosystem" : " Maven"
135+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
136+ },
137+ "ranges" : [
138+ {
139+ "type" : " ECOSYSTEM"
140+ "events" : [
141+ {
142+ "introduced" : " 12.10.0"
143+ },
144+ {
145+ "fixed" : " 12.10.2"
146+ }
147+ ]
148+ }
149+ ]
150+ },
151+ {
152+ "package" : {
153+ "ecosystem" : " Maven"
154+ "name" : " com.microsoft.sqlserver:mssql-jdbc"
155+ },
156+ "ranges" : [
157+ {
158+ "type" : " ECOSYSTEM"
159+ "events" : [
160+ {
161+ "introduced" : " 13.2.0"
162+ },
163+ {
164+ "fixed" : " 13.2.1"
165+ }
166+ ]
167+ }
168+ ]
169+ }
170+ ],
17171 "references" : [
18172 {
19173 "type" : " ADVISORY"
You can’t perform that action at this time.
![advisory-database[bot]](https://avatars.githubusercontent.com/in/21409?v=4&size=40){kind=avatar}
0 commit comments