Critical severity9.8NVD Advisory· Published Jun 11, 2019· Updated Jun 17, 2026
CVE-2019-12149
CVE-2019-12149
Description
SQL injection vulnerability in silverstripe/restfulserver module 1.0.x before 1.0.9, 2.0.x before 2.0.4, and 2.1.x before 2.1.2 and silverstripe/registry module 2.1.x before 2.1.1 and 2.2.x before 2.2.1 allows attackers to execute arbitrary SQL commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
silverstripe/restfulserverPackagist | >= 2.1.0, < 2.1.2 | 2.1.2 |
silverstripe/registryPackagist | >= 2.1.0, < 2.1.1 | 2.1.1 |
silverstripe/registryPackagist | >= 2.2.0, < 2.2.1 | 2.2.1 |
silverstripe/restfulserverPackagist | >= 1.0.0, < 1.0.9 | 1.0.9 |
silverstripe/restfulserverPackagist | >= 2.0.0, < 2.0.4 | 2.0.4 |
Affected products
3- silverstripe/restfulserver moduledescription
- ghsa-coords2 versions
>= 2.1.0, < 2.1.1+ 1 more
- (no CPE)range: >= 2.1.0, < 2.1.1
- (no CPE)range: >= 2.1.0, < 2.1.2
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.