scala-slick-overrideSql-literal
Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using non literal values in overrideSql(...)
.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
OWASP:
- A01:2017 - Injection
- A03:2021 - Injection
scala-slick-sql-non-literal
Detected a formatted string in a SQL statement. This could lead to SQL injection if variables in the SQL statement are not properly sanitized. Avoid using #$variable
and use $variable
in sql"..."
strings instead.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’)
OWASP:
- A01:2017 - Injection
- A03:2021 - Injection