Security Advisory

CVE-2020-11010

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-04-20 21:50:13

Last updated 2024-08-04 11:21:14

Assigner GitHub_M

State PUBLISHED

Description

In Tortoise ORM before versions 0.15.23 and 0.16.6, various forms of SQL injection have been found for MySQL and when filtering or doing mass-updates on char/text fields. SQLite & PostgreSQL are only affected when filtering with contains, starts_with, or ends_with filters (and their case-insensitive counterparts).

← Browse all CVEs View on cve.org ↗