laravel framework SQL Injection via limit and offset functions

2024-05-1522:20:42

CWE-89

GitHub Advisory Database

github.com

laravel

sql injection

vulnerability

patched

limit and offset

integer input

sql server

mysql

postgres

AI Score

7.9

Confidence

Low

JSON

Impact

Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability.

Patches

This problem has been patched on Laravel versions 6.20.26, 7.30.5, and 8.40.0.

Workarounds

You may workaround this vulnerability by ensuring that only integers are passed to the limit and offset functions, as well as the skip and take functions.

Affected configurations

Vulners

Node

laravelframeworkRange8.0.0–8.40.0

laravelframeworkRange7.0.0–7.30.5

laravelframeworkRange6.0.0–6.20.26

VendorProductVersionCPE
laravelframework*cpe:2.3:a:laravel:framework:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
laravel	framework	*	cpe:2.3:a:laravel:framework::::::::

References

github.com/advisories/GHSA-wq8p-mqvg-2p5h

github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/2021-04-28.yaml

github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j

AI Score

7.9

Confidence

Low

JSON