Search CVE reports
1 – 3 of 3 results
CVE-2021-43608
Medium priorityDoctrine DBAL 3.x before 3.1.4 allows SQL Injection. The escaping of offset and length inputs to the generation of a LIMIT clause was not probably cast to an integer, allowing SQL injection to take place if application developers...
1 affected packages
php-doctrine-dbal
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
php-doctrine-dbal | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2015-5723
Medium priorityDoctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use...
4 affected packages
doctrine, php-doctrine-annotations, php-doctrine-cache, php-doctrine-common
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
doctrine | — | — | — | Not affected | Not affected |
php-doctrine-annotations | — | — | — | Not affected | Not affected |
php-doctrine-cache | — | — | — | Not affected | Not affected |
php-doctrine-common | — | — | — | Not affected | Not affected |
CVE-2011-1522
Medium priorityNot in release
Multiple SQL injection vulnerabilities in the Doctrine\DBAL\Platforms\AbstractPlatform::modifyLimitQuery function in Doctrine 1.x before 1.2.4 and 2.x before 2.0.3 allow remote attackers to execute arbitrary SQL commands via the...
1 affected packages
doctrine
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
doctrine | — | — | — | — | — |