geocoder 1.4.1

1 security vulnerability found in version 1.4.1

Geocoder gem for Ruby contains possible SQL injection vulnerability

critical severity CVE-2020-7981
critical severity CVE-2020-7981
Patched versions: >= 1.6.1

sql.rb in Geocoder allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leaked issues.

No license issues detected.


This gem version has a license in the gemspec.

This gem version is available.


This gem version has not been yanked and is still available for usage.