CVE-2020-7981
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.
SQL Injection
Vendor | Product | Version |
---|---|---|
rubygeocoder | geocoder | 𝑥 < 1.6.1 |
Ubuntu Releases
Common Weakness Enumeration