Unknown · Doctrine DBAL · CVE-2021-43608
**Name of the Vulnerable Software and Affected Versions**
Doctrine DBAL versions 3.x before 3.1.4
**Description**
The issue allows SQL injection because the offset and length inputs used to generate a LIMIT clause are not properly cast. It can occur when application developers pass unescaped user input to the DBAL QueryBuilder or to any other API that uses AbstractPlatform::modifyLimitQuery.
**Recommendations**
For Doctrine DBAL versions 3.x before 3.1.4, update to version 3.1.4 or later to resolve the issue. As a temporary workaround, consider validating and sanitizing user input before passing it to the DBAL QueryBuilder or other affected APIs to minimize the risk of SQL injection.
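
One way to apply the temporary workaround in application code, as an added example that is not part of the advisory or of Doctrine DBAL: offset and length are validated strictly as integers before they reach the QueryBuilder. The helper name `paginationInt`, the bounds, and the sample parameters are assumptions; `setFirstResult()` and `setMaxResults()` are the QueryBuilder's pagination setters.

```php
<?php
declare(strict_types=1);

/**
 * Strict integer validation for pagination input (hypothetical helper,
 * not part of Doctrine DBAL).
 *
 * @param mixed $raw value exactly as received from the request
 */
function paginationInt($raw, string $name, int $min, int $max): int
{
    // Accept native ints, or strings made only of ASCII digits.
    // Signs, whitespace, trailing text, floats and arrays are rejected
    // rather than coerced.
    if (is_string($raw) && ctype_digit($raw)) {
        $value = (int) $raw;
    } elseif (is_int($raw)) {
        $value = $raw;
    } else {
        throw new InvalidArgumentException("$name must be a non-negative integer");
    }
    // The range check also rejects oversized digit strings.
    if ($value < $min || $value > $max) {
        throw new InvalidArgumentException("$name must be between $min and $max");
    }
    return $value;
}

// Constructed sample request parameters (not taken from the advisory).
$samples = [
    ['offset' => '40',  'limit' => '20'],
    ['offset' => '0',   'limit' => '20 trailing text'],
    ['offset' => '-1',  'limit' => '20'],
    ['offset' => '0',   'limit' => '100000'],
    ['offset' => ['0'], 'limit' => '20'],
];

foreach ($samples as $params) {
    try {
        $offset = paginationInt($params['offset'], 'offset', 0, 1000000);
        $limit  = paginationInt($params['limit'], 'limit', 1, 100);
        // Only now hand the values to DBAL, as native ints:
        // $queryBuilder->setFirstResult($offset)->setMaxResults($limit);
        echo "accepted: offset=$offset limit=$limit\n";
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), "\n";
    }
}
```

This check complements the upgrade to 3.1.4 or later and does not replace it, since other code paths may still reach AbstractPlatform::modifyLimitQuery with unvalidated values.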