TEMP-0987831-866E01

NameTEMP-0987831-866E01
DescriptionSQL Server LIMIT / OFFSET SQL Injection
SourceAutomatically generated temporary name. Not for external reference.
Debian Bugs987831, 987848

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
php-illuminate-database (PTS)buster5.7.27-1+deb10u1fixed
php-laravel-framework (PTS)bullseye6.20.14+dfsg-2+deb11u1fixed
bullseye (security)6.20.14+dfsg-2+deb11u2fixed
sid, bookworm8.83.26+dfsg-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
php-illuminate-databasesourcebuster5.7.27-1+deb10u1
php-illuminate-databasesource(unstable)(unfixed)987848
php-laravel-frameworksource(unstable)6.20.14+dfsg-2987831

Notes

https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j
https://blog.laravel.com/security-sql-injection-in-sql-server-limit-offset

Search for package or bug name: Reporting problems