Name of the Vulnerable Software and Affected Versions: Doctrine versions 1.2.3 and earlier for PostgreSQL and DB2 Dialects Doctrine versions 2.0.2 and earlier

Description: The issue affects the DoctrineDBALPlatformsAbstractPlatform::modifyLimitQuery() function, which does not cast input values for limit and offset to integer, allowing malicious SQL to be executed if these parameters are passed into Doctrine 2 directly from request variables without previous cast to integer. This also affects functionality building on top using limit queries in the ORM, such as DoctrineORMQuery::setFirstResult() and DoctrineORMQuery::setMaxResults().

Recommendations: For Doctrine versions 1.2.3 and earlier for PostgreSQL and DB2 Dialects, update to the newly released version of the library. For Doctrine versions 2.0.2 and earlier, update to the newly released version of the library. As a temporary workaround, consider casting input values for limit and offset to integer before passing them into Doctrine 2 to minimize the risk of exploitation. Developers that extend the DoctrineDBALPlatformsAbstractPlatform::modifyLimitQuery() method should overwrite the DoctrineDBALPlatformsAbstractPlatform::doModifyLimitQuery() method instead, due to the backwards compatibility break.