GHSA-vjrg-wpm8-rhrw

Source
https://github.com/advisories/GHSA-vjrg-wpm8-rhrw
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-vjrg-wpm8-rhrw/GHSA-vjrg-wpm8-rhrw.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-vjrg-wpm8-rhrw
Published
2024-05-15T20:19:47Z
Modified
2024-11-29T05:42:43.555345Z
Summary
doctrine/orm Regression in Query Parenthesis can have Security Implications
Details

An issue was identified in the doctrine/orm project: statements in the WHERE clause were not wrapped in brackets due to improper handling of a case-insensitive check.

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-15T20:19:47Z"
}
References

Affected packages

Packagist / doctrine/orm

Package

Name
doctrine/orm
Purl
pkg:composer/doctrine/orm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.8.3
Fixed
2.8.4

Affected versions

2.*

2.8.3