laravel framework SQL Injection via limit and offset functions

2024-05-1522:20:42

Google

osv.dev

sql server

laravel

vulnerability

patched

workaround

integer

software

7.9 High

AI Score

Confidence

Low

JSON

Impact

Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability.

Patches

This problem has been patched on Laravel versions 6.20.26, 7.30.5, and 8.40.0.

Workarounds

You may workaround this vulnerability by ensuring that only integers are passed to the limit and offset functions, as well as the skip and take functions.

CPENameOperatorVersion
laravel/frameworkeq6.18.32
laravel/frameworkeq7.23.0
laravel/frameworkeq8.8.0
laravel/frameworkeq8.14.0
laravel/frameworkeq6.12.0
laravel/frameworkeq7.30.0
laravel/frameworkeq7.29.1
laravel/frameworkeq8.1.0
laravel/frameworkeq7.12.0
laravel/frameworkeq6.20.8

Name	Operator	Version
laravel/framework	eq	6.18.32
laravel/framework	eq	7.23.0
laravel/framework	eq	8.8.0
laravel/framework	eq	8.14.0
laravel/framework	eq	6.12.0
laravel/framework	eq	7.30.0
laravel/framework	eq	7.29.1
laravel/framework	eq	8.1.0
laravel/framework	eq	7.12.0
laravel/framework	eq	6.20.8

Rows per page:

1-10 of 2461

References

github.com/FriendsOfPHP/security-advisories/blob/master/laravel/framework/2021-04-28.yaml

github.com/laravel/framework

github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j

7.9 High

AI Score

Confidence

Low

JSON