CNNVD-202507-3127 Information

CNNVD ID

CNNVD-202507-3127

Related CVE

CVE-2025-54379

• CNNVD Published: 2025-07-24

Description (Chinese)

LF Edge eKuiper是LF Edge开源的一个边缘轻量级物联网数据分析软件。 LF Edge eKuiper 2.2.1之前版本存在SQL注入漏洞，该漏洞源于getLast API功能中存在SQL注入漏洞，可能导致执行任意SQL语句。

Description (English)

LF Edge e Kuiper is a remote lightweight network data analysis software for LF Edge open source. The previous version of LF Edge eKuiper 2.2.1 had an SQL injection loophole, which originated from the SQL injection gap in the GetLast API function, which could lead to the implementation of any SQL statement.

Hazard Level

Low

Vulnerability Type

SQL注入

Affected Vendor

lib

Published

2025-07-24

Last Modified

2026-02-24

References

https://github.com/lf-edge/ekuiper/commit/72c4918744934deebf04e324ae66933ec089ebd3 https://github.com/lf-edge/ekuiper/security/advisories/GHSA-526j-mv3p-f4vv

Patch

https://github.com/lf-edge/ekuiper/releases