Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-43608

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an...

9.8CVSS8.5AI score0.02369EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2021/12/09 8:15 p.m.24 views

CVE-2021-43608

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other A...

9.8CVSS7.3AI score0.02369EPSS
Exploits0References2
OSV
OSV
added 2021/12/09 8:15 p.m.2 views

UBUNTU-CVE-2021-43608

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other A...

9.8CVSS7.3AI score0.02369EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/12/09 7:2 p.m.36 views

CVE-2021-43608

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other A...

10AI score0.02369EPSS
Exploits0References4
CVE
CVE
added 2021/12/09 7:2 p.m.106 views

CVE-2021-43608

Doctrine DBAL 3.x before 3.1.4 is affected by a SQL injection in the LIMIT clause generation. The root cause is that offset and length inputs used to build LIMIT are not reliably cast to integers, which allows injection when unescaped user input is passed to the DBAL QueryBuilder or APIs that cal...

9.8CVSS9.7AI score0.02369EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/11/16 5:25 p.m.28 views

GHSA-R7CJ-8HJG-X622 DBAL 3 SQL Injection Security Vulnerability

We have released a new version Doctrine DBAL 3.1.4 that fixes a critical SQL injection vulnerability in the LIMIT clause generation API provided by the Platform abstraction. We advise everyone using Doctrine DBAL 3.0.0 up to 3.1.3 to upgrade to 3.1.4 immediately. The vulnerability can happen when...

9.8CVSS9.7AI score0.02369EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2021/11/16 5:25 p.m.39 views

DBAL 3 SQL Injection Security Vulnerability

We have released a new version Doctrine DBAL 3.1.4 that fixes a critical SQL injection vulnerability in the LIMIT clause generation API provided by the Platform abstraction. We advise everyone using Doctrine DBAL 3.0.0 up to 3.1.3 to upgrade to 3.1.4 immediately. The vulnerability can happen when...

9.8CVSS1.9AI score0.02369EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder