3 matches found
CVE-2018-18476
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...
CVE-2018-18476
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns...
CVE-2018-18476
The CVE-2018-18476 entry concerns the mysql-binuuid-rails project. Affected software: mysql-binuuid-rails versions 1.1.0 and earlier. Root cause: the vulnerability arises because default string escaping is removed for affected database columns, enabling SQL injection. Reported impact: the issue a...