data/reports/GO-2025-4088.yaml - vulndb - Git at Google

 id: GO-2025-4088
 modules:
     - module: github.com/sqls-server/sqls
       vulnerable_at: 0.2.28
 summary: sqls-server/sqls is vulnerable to command injection in the config command in github.com/sqls-server/sqls
 cves:
     - CVE-2025-61141
 ghsas:
     - GHSA-f9f4-5859-29mf
 references:
     - advisory: https://github.com/advisories/GHSA-f9f4-5859-29mf
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-61141
     - fix: https://github.com/sqls-server/sqls/commit/468a23fc89af89f632cc023a10c031e4bc781797
     - web: https://advisory.dw1.io/54
     - web: https://lukmanern.github.io/CVE-2025-61141.html
 source:
     id: GHSA-f9f4-5859-29mf
     created: 2025-11-03T14:05:15.606763-05:00
 review_status: UNREVIEWED
	id: GO-2025-4088
	modules:
	- module: github.com/sqls-server/sqls
	vulnerable_at: 0.2.28
	summary: sqls-server/sqls is vulnerable to command injection in the config command in github.com/sqls-server/sqls
	cves:
	- CVE-2025-61141
	ghsas:
	- GHSA-f9f4-5859-29mf
	references:
	- advisory: https://github.com/advisories/GHSA-f9f4-5859-29mf
	- advisory: https://nvd.nist.gov/vuln/detail/CVE-2025-61141
	- fix: https://github.com/sqls-server/sqls/commit/468a23fc89af89f632cc023a10c031e4bc781797
	- web: https://advisory.dw1.io/54
	- web: https://lukmanern.github.io/CVE-2025-61141.html
	source:
	id: GHSA-f9f4-5859-29mf
	created: 2025-11-03T14:05:15.606763-05:00
	review_status: UNREVIEWED