new vulnerability in questdb

AikidoSec · Jan 30, 2025 · 150f45a · 150f45a
1 parent 8128067
commit 150f45a
Showing 1 changed file with 22 additions and 12 deletions.
diff --git a/input/new.json b/input/new.json
@@ -1,15 +1,25 @@
 {
-  "package_name": "",
-  "patch_versions": [],
-  "vulnerable_ranges": [],
-  "cwe": [],
-  "tldr": "",
-  "doest_this_affect_me": "",
-  "how_to_fix": "",
-  "vulnerable_to": "",
+  "package_name": "questdb",
+  "patch_versions": [
+    "8.2.2"
+  ],
+  "vulnerable_ranges": [
+    [
+      "3.0.0",
+      "8.2.1"
+    ]
+  ],
+  "cwe": [
+    "CWE-401"
+  ],
+  "tldr": "Affected versions of the package are vulnerable to memory leaks. When a mapping exception occurs during `TableReader` resizing after adding a column, it can cause a leak of file descriptors and memory. Additionally, if an error occurs while opening an index file during a table write, mapped memory may leak due to improper cleanup in the error handling process.",
+  "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+  "how_to_fix": "Upgrade the `questdb` library to the patch version.",
+  "reporter": "",
+  "vulnerable_to": "Memory Leak",
   "related_cve_id": "",
-  "language": "",
-  "severity_class": "",
-  "aikido_score": 0,
-  "changelog": ""
+  "language": "JAVA",
+  "severity_class": "LOW",
+  "aikido_score": 30,
+  "changelog": "https://github.com/questdb/questdb/releases/tag/8.2.2"
 }