7 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-43608
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an...
CVE-2021-43608
Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other A...
UBUNTU-CVE-2021-43608
Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other A...
CVE-2021-43608
Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other A...
CVE-2021-43608
Doctrine DBAL 3.x before 3.1.4 is affected by a SQL injection in the LIMIT clause generation. The root cause is that offset and length inputs used to build LIMIT are not reliably cast to integers, which allows injection when unescaped user input is passed to the DBAL QueryBuilder or APIs that cal...
GHSA-R7CJ-8HJG-X622 DBAL 3 SQL Injection Security Vulnerability
We have released a new version Doctrine DBAL 3.1.4 that fixes a critical SQL injection vulnerability in the LIMIT clause generation API provided by the Platform abstraction. We advise everyone using Doctrine DBAL 3.0.0 up to 3.1.3 to upgrade to 3.1.4 immediately. The vulnerability can happen when...
DBAL 3 SQL Injection Security Vulnerability
We have released a new version Doctrine DBAL 3.1.4 that fixes a critical SQL injection vulnerability in the LIMIT clause generation API provided by the Platform abstraction. We advise everyone using Doctrine DBAL 3.0.0 up to 3.1.3 to upgrade to 3.1.4 immediately. The vulnerability can happen when...