Critical severityNVD Advisory· Published Nov 4, 2022· Updated May 2, 2025
Use of Externally-Controlled Format String in pingcap/tidb
CVE-2022-3023
Description
Use of Externally-Controlled Format String in GitHub repository pingcap/tidb prior to 6.4.0, 6.1.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/pingcap/tidbGo | <= 6.1.2 | — |
github.com/pingcap/tidbGo | >= 6.2.0, <= 6.4.0-alpha1 | — |
Affected products
3- osv-coords2 versions
< 0.35.0-r0+ 1 more
- (no CPE)range: < 0.35.0-r0
- (no CPE)range: <= 6.1.2
- pingcap/pingcap/tidbv5Range: unspecified
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.