Critical severity9.8NVD Advisory· Published Apr 28, 2021· Updated Jun 17, 2026
CVE-2021-31856
CVE-2021-31856
Description
A SQL Injection vulnerability in the REST API in Layer5 Meshery 0.5.2 allows an attacker to execute arbitrary SQL commands via the /experimental/patternfiles endpoint (order parameter in GetMesheryPatterns in models/meshery_pattern_persister.go).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Layer5/Mesherydescription
Patches
Vulnerability mechanics
References
2- github.com/layer5io/meshery/pull/2745nvdPatchThird Party Advisory
- meshery.ionvdProductVendor Advisory
News mentions
0No linked articles in our index yet.