Critical severity9.8NVD Advisory· Published Aug 26, 2019· Updated Jun 17, 2026
CVE-2019-15562
CVE-2019-15562
Description
GORM before 1.9.10 allows SQL injection via incomplete parentheses. NOTE: Misusing Gorm by passing untrusted user input where Gorm expects trusted SQL fragments is a vulnerability in the application, not in Gorm
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GORM/GORMdescription
Patches
Vulnerability mechanics
References
4- github.com/go-gorm/gorm/issues/2517nvdVendor Advisory
- github.com/go-gorm/gorm/pull/2519nvdThird Party Advisory
- github.com/go-gorm/gorm/pull/2674nvdVendor Advisory
- github.com/jinzhu/gorm/releases/tag/v1.9.10nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.