vieter-v/vieter
vieter-v/vieter
Archived
2
1
Fork 5
Code Issues 84 Pull requests 4 Projects Releases 12 Packages 1 Wiki Activity

Possible SQL injection attacks #205

New issue
Open
opened 2022-05-29 21:43:11 +02:00 by Jef Roosens · 2 comments
Jef Roosens commented 2022-05-29 21:43:11 +02:00
Owner
Copy link

The new filtering code for the GitRepo & BuildLog could potentially allow for sql injection. Therefore, I want to make sure all inputs are sanitized.

The new filtering code for the GitRepo & BuildLog could potentially allow for sql injection. Therefore, I want to make sure all inputs are sanitized.
Jef Roosens added this to the 0.3.0 milestone 2022-05-29 21:43:11 +02:00
Jef Roosens added the
enhancement
 label 2022-05-29 21:43:11 +02:00
Jef Roosens changed title from Investigate possible SQL injection attack surfaces to Possible SQL injection attacks 2022-06-13 22:28:56 +02:00
Jef Roosens removed this from the 0.3.0 milestone 2022-06-13 22:28:59 +02:00
Jef Roosens added
bug
 and removed
enhancement
 labels 2022-06-13 22:29:04 +02:00
Jef Roosens commented 2022-06-13 22:29:25 +02:00
Author
Owner
Copy link

So basically any argument that accepts an arbitrary string currently allows for SQL injection attacks.

So basically any argument that accepts an arbitrary string currently allows for SQL injection attacks.
Jef Roosens commented 2022-11-02 08:18:13 +01:00
Author
Owner
Copy link

This should be fixed by #283.

This should be fixed by #283.
Jef Roosens added this to the 0.5.0 milestone 2022-11-02 08:40:55 +01:00
Jef Roosens added this to the (deleted) project 2022-11-02 08:40:57 +01:00
Jef Roosens removed this from the 0.5.0 milestone 2022-12-14 18:50:37 +01:00
This repository is archived. You cannot comment on issues.
No Branch/Tag specified
Branches Tags
dev
renovate/nokogiri-1.x
renovate/redcarpet-3.x
renovate/busybox-1.x
main
release-0.6.0
0.6.0
0.5.0
0.5.0-rc.2
0.5.0-rc.1
0.4.0
0.3.0
0.3.0-rc.1
0.3.0-alpha.2
0.3.0-alpha.1
0.2.0
0.1.0
0.1.0-rc1
Labels
Clear labels   
Roadmap

Tracking issue for a larger task

  
V

This issue is blocked by a V issue

  
bug

Something is not working

  
docs

Something to add to the documentation

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
good first issue

A good issue to start out with as a new contributor

  
help wanted

Need some help

  
idea

Issue for brainstorming a new idea

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

  
Idea

Issue for brainstorming a new idea

  
Roadmap

Tracking issue for a larger task

  
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
wontfix

This won't be fixed

No labels
Roadmap
V
bug
docs
duplicate
enhancement
good first issue
help wanted
idea
invalid
question
wontfix
Idea
Roadmap
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: vieter-v/vieter#205
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?