CESA-2022:0666 -- centos 7 cyrus-saslID: oval:org.secpod.oval:def:205946 | Date: (C)2022-03-17 (M)2023-11-13 |
Class: PATCH | Family: unix |
The cyrus-sasl packages contain the Cyrus implementation of Simple Authentication and Security Layer . SASL is a method for adding authentication support to connection-based protocols. Security Fix: * cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.