ryzendigo aea91a91d5 fix: use parameterized query in get_face_ids to prevent SQL injection (#22500)
The name parameter was interpolated directly into the SQL query via
f-string, allowing SQL injection through crafted face name values.

Use a parameterized query with ? placeholder instead.
2026-03-16 17:23:44 -06:00
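
The before/after pattern this commit message describes, as an added example that is not the project's code. The `faces` table, its rows, and every function name here are hypothetical, and Python's `sqlite3` module is assumed because it accepts the `?` placeholder style.

```python
import sqlite3


def make_db():
    # Constructed in-memory table; schema and rows are hypothetical sample data.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE faces (id TEXT PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO faces VALUES (?, ?)",
        [("f1", "alice"), ("f2", "alice"), ("f3", "bob")],
    )
    return db


def get_face_ids_interpolated(db, name):
    # "Before" pattern: the f-string makes name part of the SQL text itself,
    # so a quote character in name changes how the statement parses.
    sql = f"SELECT id FROM faces WHERE name = '{name}'"
    return [row[0] for row in db.execute(sql)]


def get_face_ids_parameterized(db, name):
    # "After" pattern: the ? placeholder binds name as a value only.
    sql = "SELECT id FROM faces WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]


def differs_from_bound(db, name):
    """Regression check: True when interpolation returns different rows than
    the bound query, or fails to parse at all, for the same name."""
    expected = sorted(get_face_ids_parameterized(db, name))
    try:
        return sorted(get_face_ids_interpolated(db, name)) != expected
    except sqlite3.Error:
        return True


if __name__ == "__main__":
    db = make_db()
    # Constructed names: an ordinary one, one with an apostrophe, one crafted.
    for name in ["alice", "o'brien", "x' OR '1'='1"]:
        print(repr(name), "bound:", get_face_ids_parameterized(db, name),
              "interpolation differs:", differs_from_bound(db, name))
```

A check like `differs_from_bound` fits in a unit test for any query helper that takes user-controlled names, since it flags both the injection case and the plain breakage on legitimate names containing an apostrophe.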
