CNNVD-202506-3571 Information

Jun 27, 2025 cve

CNNVD ID

CNNVD-202506-3571

CVE-2025-6768

CNNVD Published: 2025-06-27

Description (Chinese)

update等都是(Aaron)个人开发者的产品。update是一个库。ClickHouse ch等都是(ClickHouse)开源的产品。ch是一个ClickHouse的低级Go客户端。Brian Smith ring等都是(Brian Smith)个人开发者的产品。ring是一个库。 hosporder存在注入漏洞，该漏洞源于文件HospitalServiceImpl.java中参数hospitalName的错误操作导致SQL注入。

Description (English)

Update and others are products of individual developers. Update is a library. Clickhousech is an open source product. c is a Click House low-level Go client. Brian Smith ring and so on is the product of Brian Smith’s personal developers. Ring is a library. Hosporder has an injection loophole, which stems from the error of the hospitatalServiceImpl.java parameter, which caused the SQL injection.

Hazard Level

High

Vulnerability Type

注入

Affected Vendor

Live Support

Published

2025-06-27

Last Modified

2026-02-24

References

https://github.com/sfturing/hosp_order/issues/110 https://vuldb.com/?ctiid.314082 https://vuldb.com/?id.314082 https://vuldb.com/?submit.601081 https://access.redhat.com/security/cve/cve-2025-6768

Share on: