exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2021-43608

около 4 лет назад

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other API that ultimately uses the AbstractPlatform::modifyLimitQuery API.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-43608

около 4 лет назад

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other API that ultimately uses the AbstractPlatform::modifyLimitQuery API.

CVSS3: 9.8

EPSS: Низкий

CVE-2021-43608

около 4 лет назад

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of o ...

CVSS3: 9.8

EPSS: Низкий

GHSA-r7cj-8hjg-x622

около 4 лет назад

DBAL 3 SQL Injection Security Vulnerability

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2021-43608 Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other API that ultimately uses the AbstractPlatform::modifyLimitQuery API.	CVSS3: 9.8	1% Низкий	около 4 лет назад
CVE-2021-43608 Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other API that ultimately uses the AbstractPlatform::modifyLimitQuery API.	CVSS3: 9.8	1% Низкий	около 4 лет назад
CVE-2021-43608 Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of o ...	CVSS3: 9.8	1% Низкий	около 4 лет назад
GHSA-r7cj-8hjg-x622 DBAL 3 SQL Injection Security Vulnerability	CVSS3: 9.8	1% Низкий	около 4 лет назад

Уязвимостей на страницу