Search CVE reports


Toggle filters

1 – 3 of 3 results


CVE-2021-43608

Medium priority
Vulnerable

Doctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers...

1 affected packages

php-doctrine-dbal

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
php-doctrine-dbal Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2015-5723

Medium priority
Ignored

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use...

4 affected packages

doctrine, php-doctrine-annotations, php-doctrine-cache, php-doctrine-common

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
doctrine Not affected Not affected
php-doctrine-annotations Not affected Not affected
php-doctrine-cache Not affected Not affected
php-doctrine-common Not affected Not affected
Show less packages

CVE-2011-1522

Medium priority

Not in release

Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the...

1 affected packages

doctrine

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
doctrine
Show less packages