{"id": "GHSA-HQ8G-QQ57-5275", "bulletinFamily": "software", "title": "SQL Injection in untitled-model", "description": "All versions of `untitled-model` re vulnerable to SQL Injection. Query parameters are not properly sanitized allowing attackers to inject SQL statements and execute arbitrary SQL queries.\n\n\n## Recommendation\n\nNo fix is currently available. Consider using an alternative package until a fix is made available.", "published": "2020-09-11T21:24:33", "modified": "2020-09-11T21:24:33", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://github.com/advisories/GHSA-hq8g-qq57-5275", "reporter": "GitHub Advisory Database", "references": ["https://github.com/advisories/GHSA-hq8g-qq57-5275", "https://hackerone.com/reports/507222"], "cvelist": [], "type": "github", "lastseen": "2020-09-12T00:58:22", "edition": 2, "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "github", "idList": ["GHSA-HQ8G-QQ57-5275"]}, {"type": "hackerone", "idList": ["H1:507222"]}], "modified": "2020-09-12T00:58:22", "rev": 2}, "score": {"value": 6.7, "vector": "NONE", "modified": "2020-09-12T00:58:22", "rev": 2}, "vulnersScore": 6.7}, "affectedSoftware": [{"name": "untitled-model", "operator": "lt", "version": "0"}], "scheme": null}

{}