GHSA-wq8p-mqvg-2p5h – laravel/framework

Package

Manager: composer
Name: laravel/framework
Vulnerable Version: >=6.0.0 <6.20.26 || >=7.0.0 <7.30.5 || >=8.0.0 <8.40.0

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:R

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: N/A pctlN/A

Details

laravel framework SQL Injection via limit and offset functions ### Impact Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability. ### Patches This problem has been patched on Laravel versions 6.20.26, 7.30.5, and 8.40.0. ### Workarounds You may workaround this vulnerability by ensuring that only integers are passed to the limit and offset functions, as well as the skip and take functions.

Metadata

Created: 2024-05-15T22:20:42Z
Modified: 2024-05-15T22:20:42Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-wq8p-mqvg-2p5h/GHSA-wq8p-mqvg-2p5h.json
CWE IDs: ["CWE-89"]
Alternative ID: N/A
Finding: F297
Auto approve: 1