VYPR

RubyGems package

geocoder

pkg:gem/geocoder

Vulnerabilities (1)

  • CVE-2020-7981CriJan 25, 2020
    affected < 1.6.1fixed 1.6.1

    sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.