Package: php-illuminate-database Version: 6.20.14+dfsg-1 Severity: important Tags: security
Upstream has published a security advisory [1,2] regarding an SQL injection vulnerability when used with Microsoft SQL Server. The vulnerability was fixed upstream in version 6.20.26 and 8.40.0. [1] https://blog.laravel.com/security-sql-injection-in-sql-server-limit-offset [2] https://github.com/laravel/framework/security/advisories/GHSA-4mg9-vhxq-vm7j