Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers passed unescaped user input to the DBAL QueryBuilder or any other API that ultimately uses the AbstractPlatform::modifyLimitQuery API.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-09T19:02:59
Updated: 2024-08-04T04:03:08.429Z
Reserved: 2021-11-12T00:00:00
Link: CVE-2021-43608
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-12-09T20:15:07.937
Modified: 2024-11-21T06:29:30.203
Link: CVE-2021-43608
Redhat
No data.