CVE-2020-4035 DoS or local data modification via malicious record IDs in WatermelonDB
In WatermelonDB NPM package "@nozbe/watermelondb" before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally causing the app to become...