Filtered by vendor Rubygeocoder Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-7981 1 Rubygeocoder 1 Geocoder 2024-11-21 9.8 Critical
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.