New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Nullify] Fix SQL Injection Vulnerability CVE-01HX8MRPBAXNB9566W87KAK6NM #11

Open

nalbion-nullify wants to merge 1 commit into main from nullify/code-fix-436407

nalbion-nullify bot commented May 8, 2024

Security Fix for CVE-01HX8MRPBAXNB9566W87KAK6NM\n\nFixed a high-severity SQL Injection vulnerability in `SqlInjectionLesson8.java`.\n\nChanges Made:\n- Replaced direct `statement.executeUpdate` with a safer `PreparedStatement` to prevent SQL injection.\n- Parameterized SQL query handling to improve security against injection attacks.\n\nVulnerability Details:\n- Found in `SqlInjectionLesson8.java` at line 158.\n- Impact: Allows execution of arbitrary SQL commands due to improper input sanitization.\n\nFor more information on SQL injections, check out CWE-89 - SQL Injection.

The vulnerability is fixed.


          [Nullify] Fix SQL Injection Vulnerability CVE-01HX8MRPBAXNB9566W87KAK6NM

156ee4d

nalbion-nullify bot mentioned this pull request

Vulnerabilities Dashboard - Code #3

Closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet