8 matches found
EUVD-2020-0454
Malware in sbrugna...
GHSA-38F9-M297-6Q9G DoS via malicious record IDs in WatermelonDB
Impact Medium severity 5.9 https://www.first.org/cvss/calculator/3.0CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H A maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally...
DoS via malicious record IDs in WatermelonDB
Impact Medium severity 5.9 https://www.first.org/cvss/calculator/3.0CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H A maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally...
CVE-2020-4035
In WatermelonDB NPM package "@nozbe/watermelondb" before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally causing the app to become...
CVE-2020-4035
In WatermelonDB NPM package "@nozbe/watermelondb" before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally causing the app to become...
Sql injection
In WatermelonDB NPM package "@nozbe/watermelondb" before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally causing the app to become...
CVE-2020-4035 DoS or local data modification via malicious record IDs in WatermelonDB
In WatermelonDB NPM package "@nozbe/watermelondb" before versions 0.15.1 and 0.16.2, a maliciously crafted record ID can exploit a SQL Injection vulnerability in iOS adapter implementation and cause the app to delete all or selected records from the database, generally causing the app to become...
CVE-2020-4035
Summary: WatermelonDB (package "@nozbe/watermelondb") before versions 0.15.1 and 0.16.2 is affected by a SQL Injection vulnerability in the iOS adapter that can, via a maliciously crafted record ID, delete all or selected records and render the app unusable. What is affected: WatermelonDB with vu...