Skip to content

SQL Server LIMIT / OFFSET SQL Injection

High
taylorotwell published GHSA-4mg9-vhxq-vm7j Apr 28, 2021

Package

composer laravel/framework, illuminate/database (Composer)

Affected versions

>=8.0.0, <8.40.0, >=7.0.0, <7.30.5, <6.20.26

Patched versions

6.20.26, 7.30.5, 8.40.0

Description

Impact

Those using SQL Server with Laravel and allowing user input to be passed directly to the limit and offset functions are vulnerable to SQL injection. Other database drivers such as MySQL and Postgres are not affected by this vulnerability.

Patches

This problem has been patched on Laravel versions 6.20.26, 7.30.5, and 8.40.0.

Workarounds

You may workaround this vulnerability by ensuring that only integers are passed to the limit and offset functions, as well as the skip and take functions.

Severity

High

CVE ID

No known CVE

Weaknesses

No CWEs