Version v1.25.12

gorm

The fantastic ORM library for Golang, aims to be developer friendly

Install Instructions

go get github.com/go-gorm/gorm
Current Version Release Date Aug 22, 2024
Language Go
Package URL (purl) pkg:github/go-gorm/gorm@0daaf1747cfa4e4850376ad50a7834fb78b0cc0e

Find gorm vulnerabilities in your supply chain.

Scan for Free

gorm Vulnerabilities

Sort by
icon CVE (Latest)
  • icon CVE (Latest)
  • icon CVE (Oldest)
  • icon CVSS Score (Highest)
  • icon CVSS Score (Lowest)
CVE question mark icon CVSS Score question mark icon CWE(s) question mark icon EPSS Score question mark icon EPSS % question mark icon Impacted Versions
CVE-2019-15562 High 9.8 CWE-89 0.004 0.74038
  • 0.2.1–0.2.38

gorm Vulnerability Remediation Guidance

CVE Description Full list of Impacted Versions Fix
CVE-2019-15562 ** DISPUTED ** GORM before 1.9.10 allows SQL injection via incomplete parentheses. NOTE: Misusing Gorm by passing untrusted user input where Gorm expects trusted SQL fragments is a vulnerability in the application, not in Gorm. 0.2.38, 0.2.37, 0.2.36, 0.2.35, 0.2.34, 0.2.33, 0.2.32, 0.2.31 (Show all) Patch → 1.9.19

Instantly see if these gorm vulnerabilities affect your code.

Scan for Free