Vulnerabilities > Rubygeocoder

DATE CVE VULNERABILITY TITLE RISK
2020-01-25 CVE-2020-7981 SQL Injection vulnerability in Rubygeocoder Geocoder
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.
network
low complexity
rubygeocoder CWE-89
7.5