reports/GO-2020-0030.toml - vulndb - Git at Google

 package = "github.com/go-gorm/gorm"

 description = """
 Multiple methods are vulnerable to blind SQL injection attacks
 due to constructing SQL statements using unsantized user input.
 """

 credit = "@wahyuhadi"

 symbols = ["Scope.buildCondition"]

 [[versions]]
 fixed = "v0.2.0"

 [[additional_packages]]
 package = "github.com/jinzhu/gorm"
 symbols = ["Scope.buildCondition"]

 [links]
 commit = "https://github.com/go-gorm/gorm/commit/836fb2c19d84dac7b0272958dfb9af7cf0d0ade4"
 context = ["https://github.com/go-gorm/gorm/issues/2517"]
	package = "github.com/go-gorm/gorm"

	description = """
	Multiple methods are vulnerable to blind SQL injection attacks
	due to constructing SQL statements using unsantized user input.
	"""

	credit = "@wahyuhadi"

	symbols = ["Scope.buildCondition"]

	[[versions]]
	fixed = "v0.2.0"

	[[additional_packages]]
	package = "github.com/jinzhu/gorm"
	symbols = ["Scope.buildCondition"]

	[links]
	commit = "https://github.com/go-gorm/gorm/commit/836fb2c19d84dac7b0272958dfb9af7cf0d0ade4"
	context = ["https://github.com/go-gorm/gorm/issues/2517"]