[pkg-php-pear] Bug#987831: php-illuminate-database: Security issue: SQL injection with Microsoft SQL Server
Robin Gustafsson
robin at rgson.se
Fri Apr 30 15:07:32 BST 2021
Package: php-illuminate-database
Version: 6.20.14+dfsg-1
Severity: important
Tags: security
Upstream has published a security advisory [1,2] regarding an SQL
injection vulnerability when used with Microsoft SQL Server.
The vulnerability was fixed upstream in version 6.20.26 and 8.40.0.
[1] https://blog.laravel.com/security-sql-injection-in-sql-server-limit-offset
[2] https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j
More information about the pkg-php-pear
mailing list